diff options
Diffstat (limited to 'FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c')
-rw-r--r-- | FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c | 4758 |
1 files changed, 0 insertions, 4758 deletions
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c deleted file mode 100644 index e19675bd9..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c +++ /dev/null @@ -1,4758 +0,0 @@ -/* test.c - * - * Copyright (C) 2006-2014 wolfSSL Inc. - * - * This file is part of CyaSSL. - * - * CyaSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * CyaSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - */ - -#ifdef HAVE_CONFIG_H - #include <config.h> -#endif - -#include <cyassl/ctaocrypt/settings.h> - -#ifdef XMALLOC_USER - #include <stdlib.h> /* we're using malloc / free direct here */ -#endif - -#ifndef NO_CRYPT_TEST - -#ifdef CYASSL_TEST_CERT - #include <cyassl/ctaocrypt/asn.h> -#else - #include <cyassl/ctaocrypt/asn_public.h> -#endif -#include <cyassl/ctaocrypt/md2.h> -#include <cyassl/ctaocrypt/md5.h> -#include <cyassl/ctaocrypt/md4.h> -#include <cyassl/ctaocrypt/sha.h> -#include <cyassl/ctaocrypt/sha256.h> -#include <cyassl/ctaocrypt/sha512.h> -#include <cyassl/ctaocrypt/arc4.h> -#include <cyassl/ctaocrypt/random.h> -#include <cyassl/ctaocrypt/coding.h> -#include <cyassl/ctaocrypt/rsa.h> -#include <cyassl/ctaocrypt/des3.h> -#include <cyassl/ctaocrypt/aes.h> -#include <cyassl/ctaocrypt/camellia.h> -#include <cyassl/ctaocrypt/hmac.h> -#include <cyassl/ctaocrypt/dh.h> -#include <cyassl/ctaocrypt/dsa.h> -#include <cyassl/ctaocrypt/hc128.h> -#include <cyassl/ctaocrypt/rabbit.h> -#include <cyassl/ctaocrypt/pwdbased.h> -#include <cyassl/ctaocrypt/ripemd.h> -#ifdef HAVE_ECC - #include <cyassl/ctaocrypt/ecc.h> -#endif -#ifdef HAVE_BLAKE2 - #include <cyassl/ctaocrypt/blake2.h> -#endif -#ifdef HAVE_LIBZ - #include <cyassl/ctaocrypt/compress.h> -#endif -#ifdef HAVE_PKCS7 - #include <cyassl/ctaocrypt/pkcs7.h> -#endif - -#ifdef _MSC_VER - /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ - #pragma warning(disable: 4996) -#endif - -#ifdef OPENSSL_EXTRA - #include <cyassl/openssl/evp.h> - #include <cyassl/openssl/rand.h> - #include <cyassl/openssl/hmac.h> - #include <cyassl/openssl/des.h> -#endif - - -#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) - /* include test cert and key buffers for use with NO_FILESYSTEM */ - #if defined(CYASSL_MDK_ARM) - #include "cert_data.h" - /* use certs_test.c for initial data, so other - commands can share the data. */ - #else - #include <cyassl/certs_test.h> - #endif -#endif - -#if defined(CYASSL_MDK_ARM) - #include <stdio.h> - #include <stdlib.h> - extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ; - #define fopen CyaSSL_fopen -#endif - -#ifdef HAVE_NTRU - #include "crypto_ntru.h" -#endif -#ifdef HAVE_CAVIUM - #include "cavium_sysdep.h" - #include "cavium_common.h" - #include "cavium_ioctl.h" -#endif - -#ifdef FREESCALE_MQX - #include <mqx.h> - #include <fio.h> - #include <stdlib.h> -#else - #include <stdio.h> -#endif - - -#ifdef THREADX - /* since just testing, use THREADX log printf instead */ - int dc_log_printf(char*, ...); - #undef printf - #define printf dc_log_printf -#endif - -#include "ctaocrypt/test/test.h" - - -typedef struct testVector { - const char* input; - const char* output; - size_t inLen; - size_t outLen; -} testVector; - -int md2_test(void); -int md5_test(void); -int md4_test(void); -int sha_test(void); -int sha256_test(void); -int sha512_test(void); -int sha384_test(void); -int hmac_md5_test(void); -int hmac_sha_test(void); -int hmac_sha256_test(void); -int hmac_sha384_test(void); -int hmac_sha512_test(void); -int hmac_blake2b_test(void); -int hkdf_test(void); -int arc4_test(void); -int hc128_test(void); -int rabbit_test(void); -int des_test(void); -int des3_test(void); -int aes_test(void); -int aesgcm_test(void); -int gmac_test(void); -int aesccm_test(void); -int camellia_test(void); -int rsa_test(void); -int dh_test(void); -int dsa_test(void); -int random_test(void); -int pwdbased_test(void); -int ripemd_test(void); -int openssl_test(void); /* test mini api */ -int pbkdf1_test(void); -int pkcs12_test(void); -int pbkdf2_test(void); -#ifdef HAVE_ECC - int ecc_test(void); - #ifdef HAVE_ECC_ENCRYPT - int ecc_encrypt_test(void); - #endif -#endif -#ifdef HAVE_BLAKE2 - int blake2b_test(void); -#endif -#ifdef HAVE_LIBZ - int compress_test(void); -#endif -#ifdef HAVE_PKCS7 - int pkcs7enveloped_test(void); - int pkcs7signed_test(void); -#endif - - - -static void err_sys(const char* msg, int es) -{ - printf("%s error = %d\n", msg, es); - #if !defined(THREADX) && !defined(CYASSL_MDK_ARM) - if (msg) - exit(es); - #endif - return; -} - -/* func_args from test.h, so don't have to pull in other junk */ -typedef struct func_args { - int argc; - char** argv; - int return_code; -} func_args; - - - -void ctaocrypt_test(void* args) -{ - int ret = 0; - - ((func_args*)args)->return_code = -1; /* error state */ - -#if !defined(NO_BIG_INT) - if (CheckCtcSettings() != 1) - err_sys("Build vs runtime math mismatch\n", -1234); - -#ifdef USE_FAST_MATH - if (CheckFastMathSettings() != 1) - err_sys("Build vs runtime fastmath FP_MAX_BITS mismatch\n", -1235); -#endif /* USE_FAST_MATH */ -#endif /* !NO_BIG_INT */ - - -#ifndef NO_MD5 - if ( (ret = md5_test()) != 0) - err_sys("MD5 test failed!\n", ret); - else - printf( "MD5 test passed!\n"); -#endif - -#ifdef CYASSL_MD2 - if ( (ret = md2_test()) != 0) - err_sys("MD2 test failed!\n", ret); - else - printf( "MD2 test passed!\n"); -#endif - -#ifndef NO_MD4 - if ( (ret = md4_test()) != 0) - err_sys("MD4 test failed!\n", ret); - else - printf( "MD4 test passed!\n"); -#endif - -#ifndef NO_SHA - if ( (ret = sha_test()) != 0) - err_sys("SHA test failed!\n", ret); - else - printf( "SHA test passed!\n"); -#endif - -#ifndef NO_SHA256 - if ( (ret = sha256_test()) != 0) - err_sys("SHA-256 test failed!\n", ret); - else - printf( "SHA-256 test passed!\n"); -#endif - -#ifdef CYASSL_SHA384 - if ( (ret = sha384_test()) != 0) - err_sys("SHA-384 test failed!\n", ret); - else - printf( "SHA-384 test passed!\n"); -#endif - -#ifdef CYASSL_SHA512 - if ( (ret = sha512_test()) != 0) - err_sys("SHA-512 test failed!\n", ret); - else - printf( "SHA-512 test passed!\n"); -#endif - -#ifdef CYASSL_RIPEMD - if ( (ret = ripemd_test()) != 0) - err_sys("RIPEMD test failed!\n", ret); - else - printf( "RIPEMD test passed!\n"); -#endif - -#ifdef HAVE_BLAKE2 - if ( (ret = blake2b_test()) != 0) - err_sys("BLAKE2b test failed!\n", ret); - else - printf( "BLAKE2b test passed!\n"); -#endif - -#ifndef NO_HMAC - #ifndef NO_MD5 - if ( (ret = hmac_md5_test()) != 0) - err_sys("HMAC-MD5 test failed!\n", ret); - else - printf( "HMAC-MD5 test passed!\n"); - #endif - - #ifndef NO_SHA - if ( (ret = hmac_sha_test()) != 0) - err_sys("HMAC-SHA test failed!\n", ret); - else - printf( "HMAC-SHA test passed!\n"); - #endif - - #ifndef NO_SHA256 - if ( (ret = hmac_sha256_test()) != 0) - err_sys("HMAC-SHA256 test failed!\n", ret); - else - printf( "HMAC-SHA256 test passed!\n"); - #endif - - #ifdef CYASSL_SHA384 - if ( (ret = hmac_sha384_test()) != 0) - err_sys("HMAC-SHA384 test failed!\n", ret); - else - printf( "HMAC-SHA384 test passed!\n"); - #endif - - #ifdef CYASSL_SHA512 - if ( (ret = hmac_sha512_test()) != 0) - err_sys("HMAC-SHA512 test failed!\n", ret); - else - printf( "HMAC-SHA512 test passed!\n"); - #endif - - #ifdef HAVE_BLAKE2 - if ( (ret = hmac_blake2b_test()) != 0) - err_sys("HMAC-BLAKE2 test failed!\n", ret); - else - printf( "HMAC-BLAKE2 test passed!\n"); - #endif - - #ifdef HAVE_HKDF - if ( (ret = hkdf_test()) != 0) - err_sys("HMAC-KDF test failed!\n", ret); - else - printf( "HMAC-KDF test passed!\n"); - #endif - -#endif - -#ifdef HAVE_AESGCM - if ( (ret = gmac_test()) != 0) - err_sys("GMAC test passed!\n", ret); - else - printf( "GMAC test passed!\n"); -#endif - -#ifndef NO_RC4 - if ( (ret = arc4_test()) != 0) - err_sys("ARC4 test failed!\n", ret); - else - printf( "ARC4 test passed!\n"); -#endif - -#ifndef NO_HC128 - if ( (ret = hc128_test()) != 0) - err_sys("HC-128 test failed!\n", ret); - else - printf( "HC-128 test passed!\n"); -#endif - -#ifndef NO_RABBIT - if ( (ret = rabbit_test()) != 0) - err_sys("Rabbit test failed!\n", ret); - else - printf( "Rabbit test passed!\n"); -#endif - -#ifndef NO_DES3 - if ( (ret = des_test()) != 0) - err_sys("DES test failed!\n", ret); - else - printf( "DES test passed!\n"); -#endif - -#ifndef NO_DES3 - if ( (ret = des3_test()) != 0) - err_sys("DES3 test failed!\n", ret); - else - printf( "DES3 test passed!\n"); -#endif - -#ifndef NO_AES - if ( (ret = aes_test()) != 0) - err_sys("AES test failed!\n", ret); - else - printf( "AES test passed!\n"); - -#ifdef HAVE_AESGCM - if ( (ret = aesgcm_test()) != 0) - err_sys("AES-GCM test failed!\n", ret); - else - printf( "AES-GCM test passed!\n"); -#endif - -#ifdef HAVE_AESCCM - if ( (ret = aesccm_test()) != 0) - err_sys("AES-CCM test failed!\n", ret); - else - printf( "AES-CCM test passed!\n"); -#endif -#endif - -#ifdef HAVE_CAMELLIA - if ( (ret = camellia_test()) != 0) - err_sys("CAMELLIA test failed!\n", ret); - else - printf( "CAMELLIA test passed!\n"); -#endif - - if ( (ret = random_test()) != 0) - err_sys("RANDOM test failed!\n", ret); - else - printf( "RANDOM test passed!\n"); - -#ifndef NO_RSA - if ( (ret = rsa_test()) != 0) - err_sys("RSA test failed!\n", ret); - else - printf( "RSA test passed!\n"); -#endif - -#ifndef NO_DH - if ( (ret = dh_test()) != 0) - err_sys("DH test failed!\n", ret); - else - printf( "DH test passed!\n"); -#endif - -#ifndef NO_DSA - if ( (ret = dsa_test()) != 0) - err_sys("DSA test failed!\n", ret); - else - printf( "DSA test passed!\n"); -#endif - -#ifndef NO_PWDBASED - if ( (ret = pwdbased_test()) != 0) - err_sys("PWDBASED test failed!\n", ret); - else - printf( "PWDBASED test passed!\n"); -#endif - -#ifdef OPENSSL_EXTRA - if ( (ret = openssl_test()) != 0) - err_sys("OPENSSL test failed!\n", ret); - else - printf( "OPENSSL test passed!\n"); -#endif - -#ifdef HAVE_ECC - if ( (ret = ecc_test()) != 0) - err_sys("ECC test failed!\n", ret); - else - printf( "ECC test passed!\n"); - #ifdef HAVE_ECC_ENCRYPT - if ( (ret = ecc_encrypt_test()) != 0) - err_sys("ECC Enc test failed!\n", ret); - else - printf( "ECC Enc test passed!\n"); - #endif -#endif - -#ifdef HAVE_LIBZ - if ( (ret = compress_test()) != 0) - err_sys("COMPRESS test failed!\n", ret); - else - printf( "COMPRESS test passed!\n"); -#endif - -#ifdef HAVE_PKCS7 - if ( (ret = pkcs7enveloped_test()) != 0) - err_sys("PKCS7enveloped test failed!\n", ret); - else - printf( "PKCS7enveloped test passed!\n"); - - if ( (ret = pkcs7signed_test()) != 0) - err_sys("PKCS7signed test failed!\n", ret); - else - printf( "PKCS7signed test passed!\n"); -#endif - - ((func_args*)args)->return_code = ret; -} - - -#ifndef NO_MAIN_DRIVER - -#ifdef HAVE_CAVIUM - -static int OpenNitroxDevice(int dma_mode,int dev_id) -{ - Csp1CoreAssignment core_assign; - Uint32 device; - - if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) - return -1; - if (Csp1GetDevType(&device)) - return -1; - if (device != NPX_DEVICE) { - if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, - (Uint32 *)&core_assign)!= 0) - return -1; - } - CspShutdown(CAVIUM_DEV_ID); - - return CspInitialize(dma_mode, dev_id); -} - -#endif /* HAVE_CAVIUM */ - - /* so overall tests can pull in test function */ - - int main(int argc, char** argv) - { - - func_args args; - - -#ifdef HAVE_CAVIUM - int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); - if (ret != 0) - err_sys("Cavium OpenNitroxDevice failed", -1236); -#endif /* HAVE_CAVIUM */ - - args.argc = argc; - args.argv = argv; - - ctaocrypt_test(&args); - -#ifdef HAVE_CAVIUM - CspShutdown(CAVIUM_DEV_ID); -#endif - - return args.return_code; - } - -#endif /* NO_MAIN_DRIVER */ - - -#ifdef CYASSL_MD2 -int md2_test() -{ - Md2 md2; - byte hash[MD2_DIGEST_SIZE]; - - testVector a, b, c, d, e, f, g; - testVector test_md2[7]; - int times = sizeof(test_md2) / sizeof(testVector), i; - - a.input = ""; - a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69" - "\x27\x73"; - a.inLen = strlen(a.input); - a.outLen = MD2_DIGEST_SIZE; - - b.input = "a"; - b.output = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0" - "\xb5\xd1"; - b.inLen = strlen(b.input); - b.outLen = MD2_DIGEST_SIZE; - - c.input = "abc"; - c.output = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde" - "\xd6\xbb"; - c.inLen = strlen(c.input); - c.outLen = MD2_DIGEST_SIZE; - - d.input = "message digest"; - d.output = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe" - "\x06\xb0"; - d.inLen = strlen(d.input); - d.outLen = MD2_DIGEST_SIZE; - - e.input = "abcdefghijklmnopqrstuvwxyz"; - e.output = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47" - "\x94\x0b"; - e.inLen = strlen(e.input); - e.outLen = MD2_DIGEST_SIZE; - - f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" - "6789"; - f.output = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03" - "\x38\xcd"; - f.inLen = strlen(f.input); - f.outLen = MD2_DIGEST_SIZE; - - g.input = "1234567890123456789012345678901234567890123456789012345678" - "9012345678901234567890"; - g.output = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3" - "\xef\xd8"; - g.inLen = strlen(g.input); - g.outLen = MD2_DIGEST_SIZE; - - test_md2[0] = a; - test_md2[1] = b; - test_md2[2] = c; - test_md2[3] = d; - test_md2[4] = e; - test_md2[5] = f; - test_md2[6] = g; - - InitMd2(&md2); - - for (i = 0; i < times; ++i) { - Md2Update(&md2, (byte*)test_md2[i].input, (word32)test_md2[i].inLen); - Md2Final(&md2, hash); - - if (memcmp(hash, test_md2[i].output, MD2_DIGEST_SIZE) != 0) - return -155 - i; - } - - return 0; -} -#endif - -#ifndef NO_MD5 -int md5_test(void) -{ - Md5 md5; - byte hash[MD5_DIGEST_SIZE]; - - testVector a, b, c, d, e; - testVector test_md5[5]; - int times = sizeof(test_md5) / sizeof(testVector), i; - - a.input = "abc"; - a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f" - "\x72"; - a.inLen = strlen(a.input); - a.outLen = MD5_DIGEST_SIZE; - - b.input = "message digest"; - b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61" - "\xd0"; - b.inLen = strlen(b.input); - b.outLen = MD5_DIGEST_SIZE; - - c.input = "abcdefghijklmnopqrstuvwxyz"; - c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1" - "\x3b"; - c.inLen = strlen(c.input); - c.outLen = MD5_DIGEST_SIZE; - - d.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" - "6789"; - d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d" - "\x9f"; - d.inLen = strlen(d.input); - d.outLen = MD5_DIGEST_SIZE; - - e.input = "1234567890123456789012345678901234567890123456789012345678" - "9012345678901234567890"; - e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" - "\x7a"; - e.inLen = strlen(e.input); - e.outLen = MD5_DIGEST_SIZE; - - test_md5[0] = a; - test_md5[1] = b; - test_md5[2] = c; - test_md5[3] = d; - test_md5[4] = e; - - InitMd5(&md5); - - for (i = 0; i < times; ++i) { - Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen); - Md5Final(&md5, hash); - - if (memcmp(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0) - return -5 - i; - } - - return 0; -} -#endif /* NO_MD5 */ - - -#ifndef NO_MD4 - -int md4_test(void) -{ - Md4 md4; - byte hash[MD4_DIGEST_SIZE]; - - testVector a, b, c, d, e, f, g; - testVector test_md4[7]; - int times = sizeof(test_md4) / sizeof(testVector), i; - - a.input = ""; - a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" - "\xc0"; - a.inLen = strlen(a.input); - a.outLen = MD4_DIGEST_SIZE; - - b.input = "a"; - b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb" - "\x24"; - b.inLen = strlen(b.input); - b.outLen = MD4_DIGEST_SIZE; - - c.input = "abc"; - c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72" - "\x9d"; - c.inLen = strlen(c.input); - c.outLen = MD4_DIGEST_SIZE; - - d.input = "message digest"; - d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01" - "\x4b"; - d.inLen = strlen(d.input); - d.outLen = MD4_DIGEST_SIZE; - - e.input = "abcdefghijklmnopqrstuvwxyz"; - e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d" - "\xa9"; - e.inLen = strlen(e.input); - e.outLen = MD4_DIGEST_SIZE; - - f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" - "6789"; - f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0" - "\xe4"; - f.inLen = strlen(f.input); - f.outLen = MD4_DIGEST_SIZE; - - g.input = "1234567890123456789012345678901234567890123456789012345678" - "9012345678901234567890"; - g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05" - "\x36"; - g.inLen = strlen(g.input); - g.outLen = MD4_DIGEST_SIZE; - - test_md4[0] = a; - test_md4[1] = b; - test_md4[2] = c; - test_md4[3] = d; - test_md4[4] = e; - test_md4[5] = f; - test_md4[6] = g; - - InitMd4(&md4); - - for (i = 0; i < times; ++i) { - Md4Update(&md4, (byte*)test_md4[i].input, (word32)test_md4[i].inLen); - Md4Final(&md4, hash); - - if (memcmp(hash, test_md4[i].output, MD4_DIGEST_SIZE) != 0) - return -205 - i; - } - - return 0; -} - -#endif /* NO_MD4 */ - -#ifndef NO_SHA - -int sha_test(void) -{ - Sha sha; - byte hash[SHA_DIGEST_SIZE]; - - testVector a, b, c, d; - testVector test_sha[4]; - int ret; - int times = sizeof(test_sha) / sizeof(struct testVector), i; - - a.input = "abc"; - a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2" - "\x6C\x9C\xD0\xD8\x9D"; - a.inLen = strlen(a.input); - a.outLen = SHA_DIGEST_SIZE; - - b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29" - "\xE5\xE5\x46\x70\xF1"; - b.inLen = strlen(b.input); - b.outLen = SHA_DIGEST_SIZE; - - c.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaa"; - c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44" - "\x2A\x25\xEC\x64\x4D"; - c.inLen = strlen(c.input); - c.outLen = SHA_DIGEST_SIZE; - - d.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaa"; - d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7" - "\x53\x99\x5E\x26\xA0"; - d.inLen = strlen(d.input); - d.outLen = SHA_DIGEST_SIZE; - - test_sha[0] = a; - test_sha[1] = b; - test_sha[2] = c; - test_sha[3] = d; - - ret = InitSha(&sha); - if (ret != 0) - return -4001; - - for (i = 0; i < times; ++i) { - ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen); - ShaFinal(&sha, hash); - - if (memcmp(hash, test_sha[i].output, SHA_DIGEST_SIZE) != 0) - return -10 - i; - } - - return 0; -} - -#endif /* NO_SHA */ - -#ifdef CYASSL_RIPEMD -int ripemd_test(void) -{ - RipeMd ripemd; - byte hash[RIPEMD_DIGEST_SIZE]; - - testVector a, b, c, d; - testVector test_ripemd[4]; - int times = sizeof(test_ripemd) / sizeof(struct testVector), i; - - a.input = "abc"; - a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6" - "\xb0\x87\xf1\x5a\x0b\xfc"; - a.inLen = strlen(a.input); - a.outLen = RIPEMD_DIGEST_SIZE; - - b.input = "message digest"; - b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8" - "\x5f\xfa\x21\x59\x5f\x36"; - b.inLen = strlen(b.input); - b.outLen = RIPEMD_DIGEST_SIZE; - - c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc" - "\xf4\x9a\xda\x62\xeb\x2b"; - c.inLen = strlen(c.input); - c.outLen = RIPEMD_DIGEST_SIZE; - - d.input = "12345678901234567890123456789012345678901234567890123456" - "789012345678901234567890"; - d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab" - "\x82\xbf\x63\x32\x6b\xfb"; - d.inLen = strlen(d.input); - d.outLen = RIPEMD_DIGEST_SIZE; - - test_ripemd[0] = a; - test_ripemd[1] = b; - test_ripemd[2] = c; - test_ripemd[3] = d; - - InitRipeMd(&ripemd); - - for (i = 0; i < times; ++i) { - RipeMdUpdate(&ripemd, (byte*)test_ripemd[i].input, - (word32)test_ripemd[i].inLen); - RipeMdFinal(&ripemd, hash); - - if (memcmp(hash, test_ripemd[i].output, RIPEMD_DIGEST_SIZE) != 0) - return -10 - i; - } - - return 0; -} -#endif /* CYASSL_RIPEMD */ - - -#ifdef HAVE_BLAKE2 - - -#define BLAKE2_TESTS 3 - -static const byte blake2b_vec[BLAKE2_TESTS][BLAKE2B_OUTBYTES] = -{ - { - 0x78, 0x6A, 0x02, 0xF7, 0x42, 0x01, 0x59, 0x03, - 0xC6, 0xC6, 0xFD, 0x85, 0x25, 0x52, 0xD2, 0x72, - 0x91, 0x2F, 0x47, 0x40, 0xE1, 0x58, 0x47, 0x61, - 0x8A, 0x86, 0xE2, 0x17, 0xF7, 0x1F, 0x54, 0x19, - 0xD2, 0x5E, 0x10, 0x31, 0xAF, 0xEE, 0x58, 0x53, - 0x13, 0x89, 0x64, 0x44, 0x93, 0x4E, 0xB0, 0x4B, - 0x90, 0x3A, 0x68, 0x5B, 0x14, 0x48, 0xB7, 0x55, - 0xD5, 0x6F, 0x70, 0x1A, 0xFE, 0x9B, 0xE2, 0xCE - }, - { - 0x2F, 0xA3, 0xF6, 0x86, 0xDF, 0x87, 0x69, 0x95, - 0x16, 0x7E, 0x7C, 0x2E, 0x5D, 0x74, 0xC4, 0xC7, - 0xB6, 0xE4, 0x8F, 0x80, 0x68, 0xFE, 0x0E, 0x44, - 0x20, 0x83, 0x44, 0xD4, 0x80, 0xF7, 0x90, 0x4C, - 0x36, 0x96, 0x3E, 0x44, 0x11, 0x5F, 0xE3, 0xEB, - 0x2A, 0x3A, 0xC8, 0x69, 0x4C, 0x28, 0xBC, 0xB4, - 0xF5, 0xA0, 0xF3, 0x27, 0x6F, 0x2E, 0x79, 0x48, - 0x7D, 0x82, 0x19, 0x05, 0x7A, 0x50, 0x6E, 0x4B - }, - { - 0x1C, 0x08, 0x79, 0x8D, 0xC6, 0x41, 0xAB, 0xA9, - 0xDE, 0xE4, 0x35, 0xE2, 0x25, 0x19, 0xA4, 0x72, - 0x9A, 0x09, 0xB2, 0xBF, 0xE0, 0xFF, 0x00, 0xEF, - 0x2D, 0xCD, 0x8E, 0xD6, 0xF8, 0xA0, 0x7D, 0x15, - 0xEA, 0xF4, 0xAE, 0xE5, 0x2B, 0xBF, 0x18, 0xAB, - 0x56, 0x08, 0xA6, 0x19, 0x0F, 0x70, 0xB9, 0x04, - 0x86, 0xC8, 0xA7, 0xD4, 0x87, 0x37, 0x10, 0xB1, - 0x11, 0x5D, 0x3D, 0xEB, 0xBB, 0x43, 0x27, 0xB5 - } -}; - - - -int blake2b_test(void) -{ - Blake2b b2b; - byte digest[64]; - byte input[64]; - int i, ret; - - for (i = 0; i < (int)sizeof(input); i++) - input[i] = (byte)i; - - for (i = 0; i < BLAKE2_TESTS; i++) { - ret = InitBlake2b(&b2b, 64); - if (ret != 0) - return -4002; - - ret = Blake2bUpdate(&b2b, input, i); - if (ret != 0) - return -4003; - - ret = Blake2bFinal(&b2b, digest, 64); - if (ret != 0) - return -4004; - - if (memcmp(digest, blake2b_vec[i], 64) != 0) { - return -300 - i; - } - } - - return 0; -} -#endif /* HAVE_BLAKE2 */ - - -#ifndef NO_SHA256 -int sha256_test(void) -{ - Sha256 sha; - byte hash[SHA256_DIGEST_SIZE]; - - testVector a, b; - testVector test_sha[2]; - int ret; - int times = sizeof(test_sha) / sizeof(struct testVector), i; - - a.input = "abc"; - a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22" - "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00" - "\x15\xAD"; - a.inLen = strlen(a.input); - a.outLen = SHA256_DIGEST_SIZE; - - b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" - "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" - "\x06\xC1"; - b.inLen = strlen(b.input); - b.outLen = SHA256_DIGEST_SIZE; - - test_sha[0] = a; - test_sha[1] = b; - - ret = InitSha256(&sha); - if (ret != 0) - return -4005; - - for (i = 0; i < times; ++i) { - ret = Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); - if (ret != 0) - return -4006; - ret = Sha256Final(&sha, hash); - if (ret != 0) - return -4007; - - if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0) - return -10 - i; - } - - return 0; -} -#endif - - -#ifdef CYASSL_SHA512 -int sha512_test(void) -{ - Sha512 sha; - byte hash[SHA512_DIGEST_SIZE]; - int ret; - - testVector a, b; - testVector test_sha[2]; - int times = sizeof(test_sha) / sizeof(struct testVector), i; - - a.input = "abc"; - a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41" - "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55" - "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3" - "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f" - "\xa5\x4c\xa4\x9f"; - a.inLen = strlen(a.input); - a.outLen = SHA512_DIGEST_SIZE; - - b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" - "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; - b.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14" - "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" - "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" - "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" - "\x87\x4b\xe9\x09"; - b.inLen = strlen(b.input); - b.outLen = SHA512_DIGEST_SIZE; - - test_sha[0] = a; - test_sha[1] = b; - - ret = InitSha512(&sha); - if (ret != 0) - return -4009; - - for (i = 0; i < times; ++i) { - ret = Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); - if (ret != 0) - return -4010; - - ret = Sha512Final(&sha, hash); - if (ret != 0) - return -4011; - - if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0) - return -10 - i; - } - - return 0; -} -#endif - - -#ifdef CYASSL_SHA384 -int sha384_test(void) -{ - Sha384 sha; - byte hash[SHA384_DIGEST_SIZE]; - int ret; - - testVector a, b; - testVector test_sha[2]; - int times = sizeof(test_sha) / sizeof(struct testVector), i; - - a.input = "abc"; - a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50" - "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff" - "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34" - "\xc8\x25\xa7"; - a.inLen = strlen(a.input); - a.outLen = SHA384_DIGEST_SIZE; - - b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" - "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; - b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" - "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" - "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" - "\x74\x60\x39"; - b.inLen = strlen(b.input); - b.outLen = SHA384_DIGEST_SIZE; - - test_sha[0] = a; - test_sha[1] = b; - - ret = InitSha384(&sha); - if (ret != 0) - return -4012; - - for (i = 0; i < times; ++i) { - ret = Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); - if (ret != 0) - return -4013; - - ret = Sha384Final(&sha, hash); - if (ret != 0) - return -4014; - - if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0) - return -10 - i; - } - - return 0; -} -#endif /* CYASSL_SHA384 */ - - -#if !defined(NO_HMAC) && !defined(NO_MD5) -int hmac_md5_test(void) -{ - Hmac hmac; - byte hash[MD5_DIGEST_SIZE]; - - const char* keys[]= - { - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", - "Jefe", - "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - }; - - testVector a, b, c; - testVector test_hmac[3]; - - int ret; - int times = sizeof(test_hmac) / sizeof(testVector), i; - - a.input = "Hi There"; - a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc" - "\x9d"; - a.inLen = strlen(a.input); - a.outLen = MD5_DIGEST_SIZE; - - b.input = "what do ya want for nothing?"; - b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" - "\x38"; - b.inLen = strlen(b.input); - b.outLen = MD5_DIGEST_SIZE; - - c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD"; - c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3" - "\xf6"; - c.inLen = strlen(c.input); - c.outLen = MD5_DIGEST_SIZE; - - test_hmac[0] = a; - test_hmac[1] = b; - test_hmac[2] = c; - - for (i = 0; i < times; ++i) { -#ifdef HAVE_CAVIUM - if (i == 1) - continue; /* driver can't handle keys <= bytes */ - if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) - return -20009; -#endif - ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); - if (ret != 0) - return -4015; - ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, - (word32)test_hmac[i].inLen); - if (ret != 0) - return -4016; - ret = HmacFinal(&hmac, hash); - if (ret != 0) - return -4017; - - if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0) - return -20 - i; -#ifdef HAVE_CAVIUM - HmacFreeCavium(&hmac); -#endif - } - - return 0; -} -#endif /* NO_HMAC && NO_MD5 */ - -#if !defined(NO_HMAC) && !defined(NO_SHA) -int hmac_sha_test(void) -{ - Hmac hmac; - byte hash[SHA_DIGEST_SIZE]; - - const char* keys[]= - { - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" - "\x0b\x0b\x0b", - "Jefe", - "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - "\xAA\xAA\xAA" - }; - - testVector a, b, c; - testVector test_hmac[3]; - - int ret; - int times = sizeof(test_hmac) / sizeof(testVector), i; - - a.input = "Hi There"; - a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c" - "\x8e\xf1\x46\xbe\x00"; - a.inLen = strlen(a.input); - a.outLen = SHA_DIGEST_SIZE; - - b.input = "what do ya want for nothing?"; - b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf" - "\x9c\x25\x9a\x7c\x79"; - b.inLen = strlen(b.input); - b.outLen = SHA_DIGEST_SIZE; - - c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD"; - c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b" - "\x4f\x63\xf1\x75\xd3"; - c.inLen = strlen(c.input); - c.outLen = SHA_DIGEST_SIZE; - - test_hmac[0] = a; - test_hmac[1] = b; - test_hmac[2] = c; - - for (i = 0; i < times; ++i) { -#ifdef HAVE_CAVIUM - if (i == 1) - continue; /* driver can't handle keys <= bytes */ - if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) - return -20010; -#endif - ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i])); - if (ret != 0) - return -4018; - ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, - (word32)test_hmac[i].inLen); - if (ret != 0) - return -4019; - ret = HmacFinal(&hmac, hash); - if (ret != 0) - return -4020; - - if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0) - return -20 - i; -#ifdef HAVE_CAVIUM - HmacFreeCavium(&hmac); -#endif - } - - return 0; -} -#endif - - -#if !defined(NO_HMAC) && !defined(NO_SHA256) -int hmac_sha256_test(void) -{ - Hmac hmac; - byte hash[SHA256_DIGEST_SIZE]; - - const char* keys[]= - { - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" - "\x0b\x0b\x0b", - "Jefe", - "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - "\xAA\xAA\xAA" - }; - - testVector a, b, c; - testVector test_hmac[3]; - - int ret; - int times = sizeof(test_hmac) / sizeof(testVector), i; - - a.input = "Hi There"; - a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1" - "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32" - "\xcf\xf7"; - a.inLen = strlen(a.input); - a.outLen = SHA256_DIGEST_SIZE; - - b.input = "what do ya want for nothing?"; - b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75" - "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec" - "\x38\x43"; - b.inLen = strlen(b.input); - b.outLen = SHA256_DIGEST_SIZE; - - c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD"; - c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81" - "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5" - "\x65\xfe"; - c.inLen = strlen(c.input); - c.outLen = SHA256_DIGEST_SIZE; - - test_hmac[0] = a; - test_hmac[1] = b; - test_hmac[2] = c; - - for (i = 0; i < times; ++i) { -#ifdef HAVE_CAVIUM - if (i == 1) - continue; /* driver can't handle keys <= bytes */ - if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) - return -20011; -#endif - ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i])); - if (ret != 0) - return -4021; - ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, - (word32)test_hmac[i].inLen); - if (ret != 0) - return -4022; - ret = HmacFinal(&hmac, hash); - if (ret != 0) - return -4023; - - if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0) - return -20 - i; -#ifdef HAVE_CAVIUM - HmacFreeCavium(&hmac); -#endif - } - - return 0; -} -#endif - - -#if !defined(NO_HMAC) && defined(HAVE_BLAKE2) -int hmac_blake2b_test(void) -{ - Hmac hmac; - byte hash[BLAKE2B_256]; - - const char* keys[]= - { - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" - "\x0b\x0b\x0b", - "Jefe", - "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - "\xAA\xAA\xAA" - }; - - testVector a, b, c; - testVector test_hmac[3]; - - int ret; - int times = sizeof(test_hmac) / sizeof(testVector), i; - - a.input = "Hi There"; - a.output = "\x72\x93\x0d\xdd\xf5\xf7\xe1\x78\x38\x07\x44\x18\x0b\x3f\x51" - "\x37\x25\xb5\x82\xc2\x08\x83\x2f\x1c\x99\xfd\x03\xa0\x16\x75" - "\xac\xfd"; - a.inLen = strlen(a.input); - a.outLen = BLAKE2B_256; - - b.input = "what do ya want for nothing?"; - b.output = "\x3d\x20\x50\x71\x05\xc0\x8c\x0c\x38\x44\x1e\xf7\xf9\xd1\x67" - "\x21\xff\x64\xf5\x94\x00\xcf\xf9\x75\x41\xda\x88\x61\x9d\x7c" - "\xda\x2b"; - b.inLen = strlen(b.input); - b.outLen = BLAKE2B_256; - - c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD"; - c.output = "\xda\xfe\x2a\x24\xfc\xe7\xea\x36\x34\xbe\x41\x92\xc7\x11\xa7" - "\x00\xae\x53\x9c\x11\x9c\x80\x74\x55\x22\x25\x4a\xb9\x55\xd3" - "\x0f\x87"; - c.inLen = strlen(c.input); - c.outLen = BLAKE2B_256; - - test_hmac[0] = a; - test_hmac[1] = b; - test_hmac[2] = c; - - for (i = 0; i < times; ++i) { -#ifdef HAVE_CAVIUM - if (i == 1) - continue; /* driver can't handle keys <= bytes */ - if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) - return -20011; -#endif - ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i], - (word32)strlen(keys[i])); - if (ret != 0) - return -4024; - ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, - (word32)test_hmac[i].inLen); - if (ret != 0) - return -4025; - ret = HmacFinal(&hmac, hash); - if (ret != 0) - return -4026; - - if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0) - return -20 - i; -#ifdef HAVE_CAVIUM - HmacFreeCavium(&hmac); -#endif - } - - return 0; -} -#endif - - -#if !defined(NO_HMAC) && defined(CYASSL_SHA384) -int hmac_sha384_test(void) -{ - Hmac hmac; - byte hash[SHA384_DIGEST_SIZE]; - - const char* keys[]= - { - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" - "\x0b\x0b\x0b", - "Jefe", - "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - "\xAA\xAA\xAA" - }; - - testVector a, b, c; - testVector test_hmac[3]; - - int ret; - int times = sizeof(test_hmac) / sizeof(testVector), i; - - a.input = "Hi There"; - a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90" - "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb" - "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2" - "\xfa\x9c\xb6"; - a.inLen = strlen(a.input); - a.outLen = SHA384_DIGEST_SIZE; - - b.input = "what do ya want for nothing?"; - b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b" - "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22" - "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa" - "\xb2\x16\x49"; - b.inLen = strlen(b.input); - b.outLen = SHA384_DIGEST_SIZE; - - c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD"; - c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8" - "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66" - "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01" - "\xa3\x4f\x27"; - c.inLen = strlen(c.input); - c.outLen = SHA384_DIGEST_SIZE; - - test_hmac[0] = a; - test_hmac[1] = b; - test_hmac[2] = c; - - for (i = 0; i < times; ++i) { - ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i])); - if (ret != 0) - return -4027; - ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, - (word32)test_hmac[i].inLen); - if (ret != 0) - return -4028; - ret = HmacFinal(&hmac, hash); - if (ret != 0) - return -4029; - - if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0) - return -20 - i; - } - - return 0; -} -#endif - - -#if !defined(NO_HMAC) && defined(CYASSL_SHA512) -int hmac_sha512_test(void) -{ - Hmac hmac; - byte hash[SHA512_DIGEST_SIZE]; - - const char* keys[]= - { - "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" - "\x0b\x0b\x0b", - "Jefe", - "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" - "\xAA\xAA\xAA" - }; - - testVector a, b, c; - testVector test_hmac[3]; - - int ret; - int times = sizeof(test_hmac) / sizeof(testVector), i; - - a.input = "Hi There"; - a.output = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c" - "\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1" - "\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae" - "\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20" - "\x3a\x12\x68\x54"; - a.inLen = strlen(a.input); - a.outLen = SHA512_DIGEST_SIZE; - - b.input = "what do ya want for nothing?"; - b.output = "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0" - "\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25" - "\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8" - "\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a" - "\x38\xbc\xe7\x37"; - b.inLen = strlen(b.input); - b.outLen = SHA512_DIGEST_SIZE; - - c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" - "\xDD\xDD\xDD\xDD\xDD\xDD"; - c.output = "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b" - "\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27" - "\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e" - "\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59" - "\xe1\x32\x92\xfb"; - c.inLen = strlen(c.input); - c.outLen = SHA512_DIGEST_SIZE; - - test_hmac[0] = a; - test_hmac[1] = b; - test_hmac[2] = c; - - for (i = 0; i < times; ++i) { - ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i])); - if (ret != 0) - return -4030; - ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, - (word32)test_hmac[i].inLen); - if (ret != 0) - return -4031; - ret = HmacFinal(&hmac, hash); - if (ret != 0) - return -4032; - - if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0) - return -20 - i; - } - - return 0; -} -#endif - - -#ifndef NO_RC4 -int arc4_test(void) -{ - byte cipher[16]; - byte plain[16]; - - const char* keys[] = - { - "\x01\x23\x45\x67\x89\xab\xcd\xef", - "\x01\x23\x45\x67\x89\xab\xcd\xef", - "\x00\x00\x00\x00\x00\x00\x00\x00", - "\xef\x01\x23\x45" - }; - - testVector a, b, c, d; - testVector test_arc4[4]; - - int times = sizeof(test_arc4) / sizeof(testVector), i; - - a.input = "\x01\x23\x45\x67\x89\xab\xcd\xef"; - a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96"; - a.inLen = 8; - a.outLen = 8; - - b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79"; - b.inLen = 8; - b.outLen = 8; - - c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a"; - c.inLen = 8; - c.outLen = 8; - - d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; - d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61"; - d.inLen = 10; - d.outLen = 10; - - test_arc4[0] = a; - test_arc4[1] = b; - test_arc4[2] = c; - test_arc4[3] = d; - - for (i = 0; i < times; ++i) { - Arc4 enc; - Arc4 dec; - int keylen = 8; /* strlen with key 0x00 not good */ - if (i == 3) - keylen = 4; - -#ifdef HAVE_CAVIUM - if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) - return -20001; - if (Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0) - return -20002; -#endif - - Arc4SetKey(&enc, (byte*)keys[i], keylen); - Arc4SetKey(&dec, (byte*)keys[i], keylen); - - Arc4Process(&enc, cipher, (byte*)test_arc4[i].input, - (word32)test_arc4[i].outLen); - Arc4Process(&dec, plain, cipher, (word32)test_arc4[i].outLen); - - if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen)) - return -20 - i; - - if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen)) - return -20 - 5 - i; - -#ifdef HAVE_CAVIUM - Arc4FreeCavium(&enc); - Arc4FreeCavium(&dec); -#endif - } - - return 0; -} -#endif - - -int hc128_test(void) -{ -#ifdef HAVE_HC128 - byte cipher[16]; - byte plain[16]; - - const char* keys[] = - { - "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD", - "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC" - }; - - const char* ivs[] = - { - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16", - "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31" - }; - - - testVector a, b, c, d; - testVector test_hc128[4]; - - int times = sizeof(test_hc128) / sizeof(testVector), i; - - a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48"; - a.inLen = 8; - a.outLen = 8; - - b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F"; - b.inLen = 8; - b.outLen = 8; - - c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A"; - c.inLen = 8; - c.outLen = 8; - - d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; - d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29"; - d.inLen = 15; - d.outLen = 15; - - test_hc128[0] = a; - test_hc128[1] = b; - test_hc128[2] = c; - test_hc128[3] = d; - - for (i = 0; i < times; ++i) { - HC128 enc; - HC128 dec; - - /* align keys/ivs in plain/cipher buffers */ - memcpy(plain, keys[i], 16); - memcpy(cipher, ivs[i], 16); - - Hc128_SetKey(&enc, plain, cipher); - Hc128_SetKey(&dec, plain, cipher); - - /* align input */ - memcpy(plain, test_hc128[i].input, test_hc128[i].outLen); - Hc128_Process(&enc, cipher, plain, (word32)test_hc128[i].outLen); - Hc128_Process(&dec, plain, cipher, (word32)test_hc128[i].outLen); - - if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen)) - return -120 - i; - - if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen)) - return -120 - 5 - i; - } - -#endif /* HAVE_HC128 */ - return 0; -} - - -#ifndef NO_RABBIT -int rabbit_test(void) -{ - byte cipher[16]; - byte plain[16]; - - const char* keys[] = - { - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91" - }; - - const char* ivs[] = - { - "\x00\x00\x00\x00\x00\x00\x00\x00", - "\x59\x7E\x26\xC1\x75\xF5\x73\xC3", - 0 - }; - - testVector a, b, c; - testVector test_rabbit[3]; - - int times = sizeof(test_rabbit) / sizeof(testVector), i; - - a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - a.output = "\xED\xB7\x05\x67\x37\x5D\xCD\x7C"; - a.inLen = 8; - a.outLen = 8; - - b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - b.output = "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0"; - b.inLen = 8; - b.outLen = 8; - - c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - c.output = "\x04\xCE\xCA\x7A\x1A\x86\x6E\x77"; - c.inLen = 8; - c.outLen = 8; - - test_rabbit[0] = a; - test_rabbit[1] = b; - test_rabbit[2] = c; - - for (i = 0; i < times; ++i) { - Rabbit enc; - Rabbit dec; - byte* iv; - - /* align keys/ivs in plain/cipher buffers */ - memcpy(plain, keys[i], 16); - if (ivs[i]) { - memcpy(cipher, ivs[i], 8); - iv = cipher; - } else - iv = NULL; - RabbitSetKey(&enc, plain, iv); - RabbitSetKey(&dec, plain, iv); - - /* align input */ - memcpy(plain, test_rabbit[i].input, test_rabbit[i].outLen); - RabbitProcess(&enc, cipher, plain, (word32)test_rabbit[i].outLen); - RabbitProcess(&dec, plain, cipher, (word32)test_rabbit[i].outLen); - - if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen)) - return -130 - i; - - if (memcmp(cipher, test_rabbit[i].output, test_rabbit[i].outLen)) - return -130 - 5 - i; - } - - return 0; -} -#endif /* NO_RABBIT */ - - -#ifndef NO_DES3 -int des_test(void) -{ - const byte vector[] = { /* "now is the time for all " w/o trailing 0 */ - 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, - 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, - 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 - }; - - byte plain[24]; - byte cipher[24]; - - Des enc; - Des dec; - - const byte key[] = - { - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef - }; - - const byte iv[] = - { - 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef - }; - - const byte verify[] = - { - 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, - 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, - 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b - }; - - int ret; - - ret = Des_SetKey(&enc, key, iv, DES_ENCRYPTION); - if (ret != 0) - return -31; - - Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); - ret = Des_SetKey(&dec, key, iv, DES_DECRYPTION); - if (ret != 0) - return -32; - Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); - - if (memcmp(plain, vector, sizeof(plain))) - return -33; - - if (memcmp(cipher, verify, sizeof(cipher))) - return -34; - - return 0; -} -#endif /* NO_DES3 */ - - -#ifndef NO_DES3 -int des3_test(void) -{ - const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */ - 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, - 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, - 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 - }; - - byte plain[24]; - byte cipher[24]; - - Des3 enc; - Des3 dec; - - const byte key3[] = - { - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, - 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, - 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 - }; - const byte iv3[] = - { - 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, - 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, - 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 - - }; - - const byte verify3[] = - { - 0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e, - 0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98, - 0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0 - }; - - int ret; - - -#ifdef HAVE_CAVIUM - if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) - return -20005; - if (Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0) - return -20006; -#endif - ret = Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION); - if (ret != 0) - return -31; - ret = Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION); - if (ret != 0) - return -32; - ret = Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); - if (ret != 0) - return -33; - ret = Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); - if (ret != 0) - return -34; - - if (memcmp(plain, vector, sizeof(plain))) - return -35; - - if (memcmp(cipher, verify3, sizeof(cipher))) - return -36; - -#ifdef HAVE_CAVIUM - Des3_FreeCavium(&enc); - Des3_FreeCavium(&dec); -#endif - return 0; -} -#endif /* NO_DES */ - - -#ifndef NO_AES -int aes_test(void) -{ - Aes enc; - Aes dec; - - const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ - 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, - 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, - 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 - }; - - const byte verify[] = - { - 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, - 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb - }; - - byte key[] = "0123456789abcdef "; /* align */ - byte iv[] = "1234567890abcdef "; /* align */ - - byte cipher[AES_BLOCK_SIZE * 4]; - byte plain [AES_BLOCK_SIZE * 4]; - int ret; - -#ifdef HAVE_CAVIUM - if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) - return -20003; - if (AesInitCavium(&dec, CAVIUM_DEV_ID) != 0) - return -20004; -#endif - ret = AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); - if (ret != 0) - return -1001; - ret = AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); - if (ret != 0) - return -1002; - - ret = AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE); - if (ret != 0) - return -1005; - ret = AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE); - if (ret != 0) - return -1006; - - if (memcmp(plain, msg, AES_BLOCK_SIZE)) - return -60; - - if (memcmp(cipher, verify, AES_BLOCK_SIZE)) - return -61; - -#ifdef HAVE_CAVIUM - AesFreeCavium(&enc); - AesFreeCavium(&dec); -#endif -#ifdef CYASSL_AES_COUNTER - { - const byte ctrKey[] = - { - 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6, - 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c - }; - - const byte ctrIv[] = - { - 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7, - 0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff - }; - - - const byte ctrPlain[] = - { - 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, - 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a, - 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c, - 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51, - 0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11, - 0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef, - 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17, - 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10 - }; - - const byte ctrCipher[] = - { - 0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26, - 0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce, - 0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff, - 0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff, - 0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e, - 0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab, - 0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1, - 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee - }; - - const byte oddCipher[] = - { - 0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0, - 0xc2 - }; - - AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); - /* Ctr only uses encrypt, even on key setup */ - AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); - - AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4); - AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4); - - if (memcmp(plain, ctrPlain, AES_BLOCK_SIZE*4)) - return -66; - - if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4)) - return -67; - - /* let's try with just 9 bytes, non block size test */ - AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); - /* Ctr only uses encrypt, even on key setup */ - AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); - - AesCtrEncrypt(&enc, cipher, ctrPlain, 9); - AesCtrEncrypt(&dec, plain, cipher, 9); - - if (memcmp(plain, ctrPlain, 9)) - return -68; - - if (memcmp(cipher, ctrCipher, 9)) - return -69; - - /* and an additional 9 bytes to reuse tmp left buffer */ - AesCtrEncrypt(&enc, cipher, ctrPlain, 9); - AesCtrEncrypt(&dec, plain, cipher, 9); - - if (memcmp(plain, ctrPlain, 9)) - return -70; - - if (memcmp(cipher, oddCipher, 9)) - return -71; - } -#endif /* CYASSL_AES_COUNTER */ - -#if defined(CYASSL_AESNI) && defined(CYASSL_AES_DIRECT) - { - const byte niPlain[] = - { - 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, - 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a - }; - - const byte niCipher[] = - { - 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c, - 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 - }; - - const byte niKey[] = - { - 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, - 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, - 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, - 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 - }; - - XMEMSET(cipher, 0, AES_BLOCK_SIZE); - ret = AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION); - if (ret != 0) - return -1003; - AesEncryptDirect(&enc, cipher, niPlain); - if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0) - return -20006; - - XMEMSET(plain, 0, AES_BLOCK_SIZE); - ret = AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION); - if (ret != 0) - return -1004; - AesDecryptDirect(&dec, plain, niCipher); - if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0) - return -20007; - } -#endif /* CYASSL_AESNI && CYASSL_AES_DIRECT */ - - return 0; -} - -#ifdef HAVE_AESGCM -int aesgcm_test(void) -{ - Aes enc; - - /* - * This is Test Case 16 from the document Galois/ - * Counter Mode of Operation (GCM) by McGrew and - * Viega. - */ - const byte k[] = - { - 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, - 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, - 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, - 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 - }; - - const byte iv[] = - { - 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, - 0xde, 0xca, 0xf8, 0x88 - }; - - const byte p[] = - { - 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, - 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, - 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, - 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, - 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, - 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, - 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, - 0xba, 0x63, 0x7b, 0x39 - }; - - const byte a[] = - { - 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, - 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, - 0xab, 0xad, 0xda, 0xd2 - }; - - const byte c[] = - { - 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, - 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, - 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, - 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, - 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, - 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, - 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, - 0xbc, 0xc9, 0xf6, 0x62 - }; - - const byte t[] = - { - 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68, - 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b - }; - - byte t2[sizeof(t)]; - byte p2[sizeof(c)]; - byte c2[sizeof(p)]; - - int result; - - memset(t2, 0, sizeof(t2)); - memset(c2, 0, sizeof(c2)); - memset(p2, 0, sizeof(p2)); - - AesGcmSetKey(&enc, k, sizeof(k)); - /* AES-GCM encrypt and decrypt both use AES encrypt internally */ - AesGcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv), - t2, sizeof(t2), a, sizeof(a)); - if (memcmp(c, c2, sizeof(c2))) - return -68; - if (memcmp(t, t2, sizeof(t2))) - return -69; - - result = AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), - t2, sizeof(t2), a, sizeof(a)); - if (result != 0) - return -70; - if (memcmp(p, p2, sizeof(p2))) - return -71; - - return 0; -} - -int gmac_test(void) -{ - Gmac gmac; - - const byte k1[] = - { - 0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01, - 0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8 - }; - const byte iv1[] = - { - 0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94, - 0xe2, 0x8c, 0x8f, 0x16 - }; - const byte a1[] = - { - 0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9, - 0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77 - }; - const byte t1[] = - { - 0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43, - 0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b - }; - - const byte k2[] = - { - 0x40, 0xf7, 0xec, 0xb2, 0x52, 0x6d, 0xaa, 0xd4, - 0x74, 0x25, 0x1d, 0xf4, 0x88, 0x9e, 0xf6, 0x5b - }; - const byte iv2[] = - { - 0xee, 0x9c, 0x6e, 0x06, 0x15, 0x45, 0x45, 0x03, - 0x1a, 0x60, 0x24, 0xa7 - }; - const byte a2[] = - { - 0x94, 0x81, 0x2c, 0x87, 0x07, 0x4e, 0x15, 0x18, - 0x34, 0xb8, 0x35, 0xaf, 0x1c, 0xa5, 0x7e, 0x56 - }; - const byte t2[] = - { - 0xc6, 0x81, 0x79, 0x8e, 0x3d, 0xda, 0xb0, 0x9f, - 0x8d, 0x83, 0xb0, 0xbb, 0x14, 0xb6, 0x91 - }; - - const byte k3[] = - { - 0xb8, 0xe4, 0x9a, 0x5e, 0x37, 0xf9, 0x98, 0x2b, - 0xb9, 0x6d, 0xd0, 0xc9, 0xb6, 0xab, 0x26, 0xac - }; - const byte iv3[] = - { - 0xe4, 0x4a, 0x42, 0x18, 0x8c, 0xae, 0x94, 0x92, - 0x6a, 0x9c, 0x26, 0xb0 - }; - const byte a3[] = - { - 0x9d, 0xb9, 0x61, 0x68, 0xa6, 0x76, 0x7a, 0x31, - 0xf8, 0x29, 0xe4, 0x72, 0x61, 0x68, 0x3f, 0x8a - }; - const byte t3[] = - { - 0x23, 0xe2, 0x9f, 0x66, 0xe4, 0xc6, 0x52, 0x48 - }; - - byte tag[16]; - - memset(tag, 0, sizeof(tag)); - GmacSetKey(&gmac, k1, sizeof(k1)); - GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1)); - if (memcmp(t1, tag, sizeof(t1)) != 0) - return -126; - - memset(tag, 0, sizeof(tag)); - GmacSetKey(&gmac, k2, sizeof(k2)); - GmacUpdate(&gmac, iv2, sizeof(iv2), a2, sizeof(a2), tag, sizeof(t2)); - if (memcmp(t2, tag, sizeof(t2)) != 0) - return -127; - - memset(tag, 0, sizeof(tag)); - GmacSetKey(&gmac, k3, sizeof(k3)); - GmacUpdate(&gmac, iv3, sizeof(iv3), a3, sizeof(a3), tag, sizeof(t3)); - if (memcmp(t3, tag, sizeof(t3)) != 0) - return -128; - - return 0; -} -#endif /* HAVE_AESGCM */ - -#ifdef HAVE_AESCCM -int aesccm_test(void) -{ - Aes enc; - - /* key */ - const byte k[] = - { - 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, - 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf - }; - - /* nonce */ - const byte iv[] = - { - 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, - 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 - }; - - /* plaintext */ - const byte p[] = - { - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e - }; - - const byte a[] = - { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 - }; - - const byte c[] = - { - 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, - 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, - 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84 - }; - - const byte t[] = - { - 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 - }; - - byte t2[sizeof(t)]; - byte p2[sizeof(p)]; - byte c2[sizeof(c)]; - - int result; - - memset(t2, 0, sizeof(t2)); - memset(c2, 0, sizeof(c2)); - memset(p2, 0, sizeof(p2)); - - AesCcmSetKey(&enc, k, sizeof(k)); - /* AES-CCM encrypt and decrypt both use AES encrypt internally */ - AesCcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv), - t2, sizeof(t2), a, sizeof(a)); - if (memcmp(c, c2, sizeof(c2))) - return -107; - if (memcmp(t, t2, sizeof(t2))) - return -108; - - result = AesCcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), - t2, sizeof(t2), a, sizeof(a)); - if (result != 0) - return -109; - if (memcmp(p, p2, sizeof(p2))) - return -110; - - /* Test the authentication failure */ - t2[0]++; /* Corrupt the authentication tag. */ - result = AesCcmDecrypt(&enc, p2, c, sizeof(p2), iv, sizeof(iv), - t2, sizeof(t2), a, sizeof(a)); - if (result == 0) - return -111; - - /* Clear c2 to compare against p2. p2 should be set to zero in case of - * authentication fail. */ - memset(c2, 0, sizeof(c2)); - if (memcmp(p2, c2, sizeof(p2))) - return -112; - - return 0; -} -#endif /* HAVE_AESCCM */ - - -#endif /* NO_AES */ - - -#ifdef HAVE_CAMELLIA - -enum { - CAM_ECB_ENC, CAM_ECB_DEC, CAM_CBC_ENC, CAM_CBC_DEC -}; - -typedef struct { - int type; - const byte* plaintext; - const byte* iv; - const byte* ciphertext; - const byte* key; - word32 keySz; - int errorCode; -} test_vector_t; - -int camellia_test(void) -{ - /* Camellia ECB Test Plaintext */ - static const byte pte[] = - { - 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, - 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 - }; - - /* Camellia ECB Test Initialization Vector */ - static const byte ive[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; - - /* Test 1: Camellia ECB 128-bit key */ - static const byte k1[] = - { - 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, - 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 - }; - static const byte c1[] = - { - 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73, - 0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43 - }; - - /* Test 2: Camellia ECB 192-bit key */ - static const byte k2[] = - { - 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, - 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, - 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 - }; - static const byte c2[] = - { - 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8, - 0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9 - }; - - /* Test 3: Camellia ECB 256-bit key */ - static const byte k3[] = - { - 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, - 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, - 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, - 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff - }; - static const byte c3[] = - { - 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c, - 0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 - }; - - /* Camellia CBC Test Plaintext */ - static const byte ptc[] = - { - 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, - 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A - }; - - /* Camellia CBC Test Initialization Vector */ - static const byte ivc[] = - { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F - }; - - /* Test 4: Camellia-CBC 128-bit key */ - static const byte k4[] = - { - 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, - 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C - }; - static const byte c4[] = - { - 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0, - 0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB - }; - - /* Test 5: Camellia-CBC 192-bit key */ - static const byte k5[] = - { - 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, - 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, - 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B - }; - static const byte c5[] = - { - 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2, - 0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 - }; - - /* Test 6: CBC 256-bit key */ - static const byte k6[] = - { - 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, - 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, - 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, - 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 - }; - static const byte c6[] = - { - 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A, - 0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA - }; - - byte out[CAMELLIA_BLOCK_SIZE]; - Camellia cam; - int i, testsSz; - const test_vector_t testVectors[] = - { - {CAM_ECB_ENC, pte, ive, c1, k1, sizeof(k1), -114}, - {CAM_ECB_ENC, pte, ive, c2, k2, sizeof(k2), -115}, - {CAM_ECB_ENC, pte, ive, c3, k3, sizeof(k3), -116}, - {CAM_ECB_DEC, pte, ive, c1, k1, sizeof(k1), -117}, - {CAM_ECB_DEC, pte, ive, c2, k2, sizeof(k2), -118}, - {CAM_ECB_DEC, pte, ive, c3, k3, sizeof(k3), -119}, - {CAM_CBC_ENC, ptc, ivc, c4, k4, sizeof(k4), -120}, - {CAM_CBC_ENC, ptc, ivc, c5, k5, sizeof(k5), -121}, - {CAM_CBC_ENC, ptc, ivc, c6, k6, sizeof(k6), -122}, - {CAM_CBC_DEC, ptc, ivc, c4, k4, sizeof(k4), -123}, - {CAM_CBC_DEC, ptc, ivc, c5, k5, sizeof(k5), -124}, - {CAM_CBC_DEC, ptc, ivc, c6, k6, sizeof(k6), -125} - }; - - testsSz = sizeof(testVectors)/sizeof(test_vector_t); - for (i = 0; i < testsSz; i++) { - if (CamelliaSetKey(&cam, testVectors[i].key, testVectors[i].keySz, - testVectors[i].iv) != 0) - return testVectors[i].errorCode; - - switch (testVectors[i].type) { - case CAM_ECB_ENC: - CamelliaEncryptDirect(&cam, out, testVectors[i].plaintext); - if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE)) - return testVectors[i].errorCode; - break; - case CAM_ECB_DEC: - CamelliaDecryptDirect(&cam, out, testVectors[i].ciphertext); - if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE)) - return testVectors[i].errorCode; - break; - case CAM_CBC_ENC: - CamelliaCbcEncrypt(&cam, out, testVectors[i].plaintext, - CAMELLIA_BLOCK_SIZE); - if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE)) - return testVectors[i].errorCode; - break; - case CAM_CBC_DEC: - CamelliaCbcDecrypt(&cam, out, testVectors[i].ciphertext, - CAMELLIA_BLOCK_SIZE); - if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE)) - return testVectors[i].errorCode; - break; - default: - break; - } - } - - /* Setting the IV and checking it was actually set. */ - CamelliaSetIV(&cam, ivc); - if (XMEMCMP(cam.reg, ivc, CAMELLIA_BLOCK_SIZE)) - return -1; - - /* Setting the IV to NULL should be same as all zeros IV */ - if (CamelliaSetIV(&cam, NULL) != 0 || - XMEMCMP(cam.reg, ive, CAMELLIA_BLOCK_SIZE)) - return -1; - - /* First parameter should never be null */ - if (CamelliaSetIV(NULL, NULL) == 0) - return -1; - - /* First parameter should never be null, check it fails */ - if (CamelliaSetKey(NULL, k1, sizeof(k1), NULL) == 0) - return -1; - - /* Key should have a size of 16, 24, or 32 */ - if (CamelliaSetKey(&cam, k1, 0, NULL) == 0) - return -1; - - return 0; -} -#endif /* HAVE_CAMELLIA */ - - -int random_test(void) -{ - RNG rng; - byte block[32]; - int ret; - -#ifdef HAVE_CAVIUM - ret = InitRngCavium(&rng, CAVIUM_DEV_ID); - if (ret != 0) return -2007; -#endif - ret = InitRng(&rng); - if (ret != 0) return -39; - - ret = RNG_GenerateBlock(&rng, block, sizeof(block)); - if (ret != 0) return -40; - - return 0; -} - - -#ifdef HAVE_NTRU - -byte GetEntropy(ENTROPY_CMD cmd, byte* out); - -byte GetEntropy(ENTROPY_CMD cmd, byte* out) -{ - static RNG rng; - - if (cmd == INIT) - return (InitRng(&rng) == 0) ? 1 : 0; - - if (out == NULL) - return 0; - - if (cmd == GET_BYTE_OF_ENTROPY) - return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0; - - if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) { - *out = 1; - return 1; - } - - return 0; -} - -#endif /* HAVE_NTRU */ - -#ifndef NO_RSA - -#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - #ifdef FREESCALE_MQX - static const char* clientKey = "a:\\certs\\client-key.der"; - static const char* clientCert = "a:\\certs\\client-cert.der"; - #ifdef CYASSL_CERT_GEN - static const char* caKeyFile = "a:\\certs\\ca-key.der"; - static const char* caCertFile = "a:\\certs\\ca-cert.pem"; - #ifdef HAVE_ECC - static const char* eccCaKeyFile = "a:\\certs\\ecc-key.der"; - static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem"; - #endif - #endif - #elif defined(CYASSL_MKD_SHELL) - static char* clientKey = "certs/client-key.der"; - static char* clientCert = "certs/client-cert.der"; - void set_clientKey(char *key) { clientKey = key ; } - void set_clientCert(char *cert) { clientCert = cert ; } - #ifdef CYASSL_CERT_GEN - static char* caKeyFile = "certs/ca-key.der"; - static char* caCertFile = "certs/ca-cert.pem"; - void set_caKeyFile (char * key) { caKeyFile = key ; } - void set_caCertFile(char * cert) { caCertFile = cert ; } - #ifdef HAVE_ECC - static const char* eccCaKeyFile = "certs/ecc-key.der"; - static const char* eccCaCertFile = "certs/server-ecc.pem"; - void set_eccCaKeyFile (char * key) { eccCaKeyFile = key ; } - void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; } - #endif - #endif - #else - static const char* clientKey = "./certs/client-key.der"; - static const char* clientCert = "./certs/client-cert.der"; - #ifdef CYASSL_CERT_GEN - static const char* caKeyFile = "./certs/ca-key.der"; - static const char* caCertFile = "./certs/ca-cert.pem"; - #ifdef HAVE_ECC - static const char* eccCaKeyFile = "./certs/ecc-key.der"; - static const char* eccCaCertFile = "./certs/server-ecc.pem"; - #endif - #endif - #endif -#endif - - - -#define FOURK_BUF 4096 - -int rsa_test(void) -{ - byte* tmp; - size_t bytes; - RsaKey key; - RNG rng; - word32 idx = 0; - int ret; - byte in[] = "Everyone gets Friday off."; - word32 inLen = (word32)strlen((char*)in); - byte out[256]; - byte plain[256]; -#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - FILE* file, * file2; -#endif -#ifdef CYASSL_TEST_CERT - DecodedCert cert; -#endif - - tmp = (byte*)malloc(FOURK_BUF); - if (tmp == NULL) - return -40; - -#ifdef USE_CERT_BUFFERS_1024 - XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024); - bytes = sizeof_client_key_der_1024; -#elif defined(USE_CERT_BUFFERS_2048) - XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048); - bytes = sizeof_client_key_der_2048; -#else - file = fopen(clientKey, "rb"); - - if (!file) - err_sys("can't open ./certs/client-key.der, " - "Please run from CyaSSL home dir", -40); - - bytes = fread(tmp, 1, FOURK_BUF, file); - fclose(file); -#endif /* USE_CERT_BUFFERS */ - -#ifdef HAVE_CAVIUM - RsaInitCavium(&key, CAVIUM_DEV_ID); -#endif - ret = InitRsaKey(&key, 0); - if (ret != 0) return -39; - ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes); - if (ret != 0) return -41; - - ret = InitRng(&rng); - if (ret != 0) return -42; - - ret = RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng); - if (ret < 0) return -43; - - ret = RsaPrivateDecrypt(out, ret, plain, sizeof(plain), &key); - if (ret < 0) return -44; - - if (memcmp(plain, in, inLen)) return -45; - - ret = RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng); - if (ret < 0) return -46; - - memset(plain, 0, sizeof(plain)); - ret = RsaSSL_Verify(out, ret, plain, sizeof(plain), &key); - if (ret < 0) return -47; - - if (memcmp(plain, in, ret)) return -48; - -#if defined(CYASSL_MDK_ARM) - #define sizeof(s) strlen((char *)(s)) -#endif - -#ifdef USE_CERT_BUFFERS_1024 - XMEMCPY(tmp, client_cert_der_1024, sizeof_client_cert_der_1024); - bytes = sizeof_client_cert_der_1024; -#elif defined(USE_CERT_BUFFERS_2048) - XMEMCPY(tmp, client_cert_der_2048, sizeof_client_cert_der_2048); - bytes = sizeof_client_cert_der_2048; -#else - file2 = fopen(clientCert, "rb"); - if (!file2) - return -49; - - bytes = fread(tmp, 1, FOURK_BUF, file2); - fclose(file2); -#endif - -#ifdef sizeof - #undef sizeof -#endif - -#ifdef CYASSL_TEST_CERT - InitDecodedCert(&cert, tmp, (word32)bytes, 0); - - ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0); - if (ret != 0) return -491; - - FreeDecodedCert(&cert); -#else - (void)bytes; -#endif - - -#ifdef CYASSL_KEY_GEN - { - byte* der; - byte* pem; - int derSz = 0; - int pemSz = 0; - RsaKey derIn; - RsaKey genKey; - FILE* keyFile; - FILE* pemFile; - - ret = InitRsaKey(&genKey, 0); - if (ret != 0) - return -300; - ret = MakeRsaKey(&genKey, 1024, 65537, &rng); - if (ret != 0) - return -301; - - der = (byte*)malloc(FOURK_BUF); - if (der == NULL) { - FreeRsaKey(&genKey); - return -307; - } - pem = (byte*)malloc(FOURK_BUF); - if (pem == NULL) { - free(der); - FreeRsaKey(&genKey); - return -308; - } - - derSz = RsaKeyToDer(&genKey, der, FOURK_BUF); - if (derSz < 0) { - free(der); - free(pem); - return -302; - } - - keyFile = fopen("./key.der", "wb"); - if (!keyFile) { - free(der); - free(pem); - FreeRsaKey(&genKey); - return -303; - } - ret = (int)fwrite(der, 1, derSz, keyFile); - fclose(keyFile); - if (ret != derSz) { - free(der); - free(pem); - FreeRsaKey(&genKey); - return -313; - } - - pemSz = DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE); - if (pemSz < 0) { - free(der); - free(pem); - FreeRsaKey(&genKey); - return -304; - } - - pemFile = fopen("./key.pem", "wb"); - if (!pemFile) { - free(der); - free(pem); - FreeRsaKey(&genKey); - return -305; - } - ret = (int)fwrite(pem, 1, pemSz, pemFile); - fclose(pemFile); - if (ret != pemSz) { - free(der); - free(pem); - FreeRsaKey(&genKey); - return -314; - } - - ret = InitRsaKey(&derIn, 0); - if (ret != 0) { - free(der); - free(pem); - FreeRsaKey(&genKey); - return -3060; - } - idx = 0; - ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz); - if (ret != 0) { - free(der); - free(pem); - FreeRsaKey(&derIn); - FreeRsaKey(&genKey); - return -306; - } - - FreeRsaKey(&derIn); - FreeRsaKey(&genKey); - free(pem); - free(der); - } -#endif /* CYASSL_KEY_GEN */ - - -#ifdef CYASSL_CERT_GEN - /* self signed */ - { - Cert myCert; - byte* derCert; - byte* pem; - FILE* derFile; - FILE* pemFile; - int certSz; - int pemSz; -#ifdef CYASSL_TEST_CERT - DecodedCert decode; -#endif - - derCert = (byte*)malloc(FOURK_BUF); - if (derCert == NULL) - return -309; - pem = (byte*)malloc(FOURK_BUF); - if (pem == NULL) { - free(derCert); - return -310; - } - - InitCert(&myCert); - - strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); - strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); - strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); - strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); - strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); - strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); - strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); - myCert.isCA = 1; - myCert.sigType = CTC_SHA256wRSA; - - certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng); - if (certSz < 0) { - free(derCert); - free(pem); - return -401; - } - -#ifdef CYASSL_TEST_CERT - InitDecodedCert(&decode, derCert, certSz, 0); - ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); - if (ret != 0) { - free(derCert); - free(pem); - return -402; - } - FreeDecodedCert(&decode); -#endif - derFile = fopen("./cert.der", "wb"); - if (!derFile) { - free(derCert); - free(pem); - return -403; - } - ret = (int)fwrite(derCert, 1, certSz, derFile); - fclose(derFile); - if (ret != certSz) { - free(derCert); - free(pem); - return -414; - } - - pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); - if (pemSz < 0) { - free(derCert); - free(pem); - return -404; - } - - pemFile = fopen("./cert.pem", "wb"); - if (!pemFile) { - free(derCert); - free(pem); - return -405; - } - ret = (int)fwrite(pem, 1, pemSz, pemFile); - fclose(pemFile); - if (ret != pemSz) { - free(derCert); - free(pem); - return -406; - } - free(pem); - free(derCert); - } - /* CA style */ - { - RsaKey caKey; - Cert myCert; - byte* derCert; - byte* pem; - FILE* derFile; - FILE* pemFile; - int certSz; - int pemSz; - size_t bytes3; - word32 idx3 = 0; - FILE* file3 ; -#ifdef CYASSL_TEST_CERT - DecodedCert decode; -#endif - - derCert = (byte*)malloc(FOURK_BUF); - if (derCert == NULL) - return -311; - pem = (byte*)malloc(FOURK_BUF); - if (pem == NULL) { - free(derCert); - return -312; - } - - file3 = fopen(caKeyFile, "rb"); - - if (!file3) { - free(derCert); - free(pem); - return -412; - } - - bytes3 = fread(tmp, 1, FOURK_BUF, file3); - fclose(file3); - - ret = InitRsaKey(&caKey, 0); - if (ret != 0) { - free(derCert); - free(pem); - return -411; - } - ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); - if (ret != 0) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -413; - } - - InitCert(&myCert); - - strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); - strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); - strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); - strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); - strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); - strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); - strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); - - ret = SetIssuer(&myCert, caCertFile); - if (ret < 0) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -405; - } - - certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng); - if (certSz < 0) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -407; - } - - certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, - &caKey, NULL, &rng); - if (certSz < 0) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -408; - } - - -#ifdef CYASSL_TEST_CERT - InitDecodedCert(&decode, derCert, certSz, 0); - ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); - if (ret != 0) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -409; - } - FreeDecodedCert(&decode); -#endif - - derFile = fopen("./othercert.der", "wb"); - if (!derFile) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -410; - } - ret = (int)fwrite(derCert, 1, certSz, derFile); - fclose(derFile); - if (ret != certSz) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -416; - } - - pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); - if (pemSz < 0) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -411; - } - - pemFile = fopen("./othercert.pem", "wb"); - if (!pemFile) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -412; - } - ret = (int)fwrite(pem, 1, pemSz, pemFile); - if (ret != pemSz) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -415; - } - fclose(pemFile); - free(pem); - free(derCert); - FreeRsaKey(&caKey); - } -#ifdef HAVE_ECC - /* ECC CA style */ - { - ecc_key caKey; - Cert myCert; - byte* derCert; - byte* pem; - FILE* derFile; - FILE* pemFile; - int certSz; - int pemSz; - size_t bytes3; - word32 idx3 = 0; - FILE* file3; -#ifdef CYASSL_TEST_CERT - DecodedCert decode; -#endif - - derCert = (byte*)malloc(FOURK_BUF); - if (derCert == NULL) - return -5311; - pem = (byte*)malloc(FOURK_BUF); - if (pem == NULL) { - free(derCert); - return -5312; - } - - file3 = fopen(eccCaKeyFile, "rb"); - - if (!file3) { - free(derCert); - free(pem); - return -5412; - } - - bytes3 = fread(tmp, 1, FOURK_BUF, file3); - fclose(file3); - - ecc_init(&caKey); - ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); - if (ret != 0) { - free(derCert); - free(pem); - return -5413; - } - - InitCert(&myCert); - myCert.sigType = CTC_SHA256wECDSA; - - strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); - strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); - strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); - strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE); - strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); - strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE); - strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE); - - ret = SetIssuer(&myCert, eccCaCertFile); - if (ret < 0) { - free(pem); - free(derCert); - ecc_free(&caKey); - return -5405; - } - - certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng); - if (certSz < 0) { - free(pem); - free(derCert); - ecc_free(&caKey); - return -5407; - } - - certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, - NULL, &caKey, &rng); - if (certSz < 0) { - free(pem); - free(derCert); - ecc_free(&caKey); - return -5408; - } - -#ifdef CYASSL_TEST_CERT - InitDecodedCert(&decode, derCert, certSz, 0); - ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); - if (ret != 0) { - free(pem); - free(derCert); - ecc_free(&caKey); - return -5409; - } - FreeDecodedCert(&decode); -#endif - - derFile = fopen("./certecc.der", "wb"); - if (!derFile) { - free(pem); - free(derCert); - ecc_free(&caKey); - return -5410; - } - ret = (int)fwrite(derCert, 1, certSz, derFile); - fclose(derFile); - if (ret != certSz) { - free(pem); - free(derCert); - ecc_free(&caKey); - return -5414; - } - - pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); - if (pemSz < 0) { - free(pem); - free(derCert); - ecc_free(&caKey); - return -5411; - } - - pemFile = fopen("./certecc.pem", "wb"); - if (!pemFile) { - free(pem); - free(derCert); - ecc_free(&caKey); - return -5412; - } - ret = (int)fwrite(pem, 1, pemSz, pemFile); - if (ret != pemSz) { - free(pem); - free(derCert); - ecc_free(&caKey); - return -5415; - } - fclose(pemFile); - free(pem); - free(derCert); - ecc_free(&caKey); - } -#endif /* HAVE_ECC */ -#ifdef HAVE_NTRU - { - RsaKey caKey; - Cert myCert; - byte* derCert; - byte* pem; - FILE* derFile; - FILE* pemFile; - FILE* caFile; - FILE* ntruPrivFile; - int certSz; - int pemSz; - word32 idx3; -#ifdef CYASSL_TEST_CERT - DecodedCert decode; -#endif - derCert = (byte*)malloc(FOURK_BUF); - if (derCert == NULL) - return -311; - pem = (byte*)malloc(FOURK_BUF); - if (pem == NULL) { - free(derCert); - return -312; - } - - byte public_key[557]; /* sized for EES401EP2 */ - word16 public_key_len; /* no. of octets in public key */ - byte private_key[607]; /* sized for EES401EP2 */ - word16 private_key_len; /* no. of octets in private key */ - DRBG_HANDLE drbg; - static uint8_t const pers_str[] = { - 'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't' - }; - word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str), - GetEntropy, &drbg); - if (rc != DRBG_OK) { - free(derCert); - free(pem); - return -450; - } - - rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len, - NULL, &private_key_len, NULL); - if (rc != NTRU_OK) { - free(derCert); - free(pem); - return -451; - } - - rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len, - public_key, &private_key_len, private_key); - crypto_drbg_uninstantiate(drbg); - - if (rc != NTRU_OK) { - free(derCert); - free(pem); - return -452; - } - - caFile = fopen(caKeyFile, "rb"); - - if (!caFile) { - free(derCert); - free(pem); - return -453; - } - - bytes = fread(tmp, 1, FOURK_BUF, caFile); - fclose(caFile); - - ret = InitRsaKey(&caKey, 0); - if (ret != 0) { - free(derCert); - free(pem); - return -459; - } - ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes); - if (ret != 0) { - free(derCert); - free(pem); - return -454; - } - - InitCert(&myCert); - - strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); - strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); - strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); - strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); - strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); - strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); - strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); - - ret = SetIssuer(&myCert, caCertFile); - if (ret < 0) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -455; - } - - certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key, - public_key_len, &rng); - if (certSz < 0) { - free(derCert); - free(pem); - FreeRsaKey(&caKey); - return -456; - } - - certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, - &caKey, NULL, &rng); - FreeRsaKey(&caKey); - if (certSz < 0) { - free(derCert); - free(pem); - return -457; - } - - -#ifdef CYASSL_TEST_CERT - InitDecodedCert(&decode, derCert, certSz, 0); - ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); - if (ret != 0) { - free(derCert); - free(pem); - return -458; - } - FreeDecodedCert(&decode); -#endif - derFile = fopen("./ntru-cert.der", "wb"); - if (!derFile) { - free(derCert); - free(pem); - return -459; - } - ret = (int)fwrite(derCert, 1, certSz, derFile); - fclose(derFile); - if (ret != certSz) { - free(derCert); - free(pem); - return -473; - } - - pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); - if (pemSz < 0) { - free(derCert); - free(pem); - return -460; - } - - pemFile = fopen("./ntru-cert.pem", "wb"); - if (!pemFile) { - free(derCert); - free(pem); - return -461; - } - ret = (int)fwrite(pem, 1, pemSz, pemFile); - fclose(pemFile); - if (ret != pemSz) { - free(derCert); - free(pem); - return -474; - } - - ntruPrivFile = fopen("./ntru-key.raw", "wb"); - if (!ntruPrivFile) { - free(derCert); - free(pem); - return -462; - } - ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile); - fclose(ntruPrivFile); - if (ret != private_key_len) { - free(pem); - free(derCert); - return -475; - } - free(pem); - free(derCert); - } -#endif /* HAVE_NTRU */ -#ifdef CYASSL_CERT_REQ - { - Cert req; - byte* der; - byte* pem; - int derSz; - int pemSz; - FILE* reqFile; - - der = (byte*)malloc(FOURK_BUF); - if (der == NULL) - return -463; - pem = (byte*)malloc(FOURK_BUF); - if (pem == NULL) { - free(der); - return -464; - } - - InitCert(&req); - - req.version = 0; - req.isCA = 1; - strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE); - strncpy(req.subject.country, "US", CTC_NAME_SIZE); - strncpy(req.subject.state, "OR", CTC_NAME_SIZE); - strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE); - strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE); - strncpy(req.subject.unit, "Development", CTC_NAME_SIZE); - strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); - strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE); - req.sigType = CTC_SHA256wRSA; - - derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL); - if (derSz < 0) { - free(pem); - free(der); - return -465; - } - - derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF, - &key, NULL, &rng); - if (derSz < 0) { - free(pem); - free(der); - return -466; - } - - pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE); - if (pemSz < 0) { - free(pem); - free(der); - return -467; - } - - reqFile = fopen("./certreq.der", "wb"); - if (!reqFile) { - free(pem); - free(der); - return -468; - } - - ret = (int)fwrite(der, 1, derSz, reqFile); - fclose(reqFile); - if (ret != derSz) { - free(pem); - free(der); - return -471; - } - - reqFile = fopen("./certreq.pem", "wb"); - if (!reqFile) { - free(pem); - free(der); - return -469; - } - ret = (int)fwrite(pem, 1, pemSz, reqFile); - fclose(reqFile); - if (ret != pemSz) { - free(pem); - free(der); - return -470; - } - - free(pem); - free(der); - } -#endif /* CYASSL_CERT_REQ */ -#endif /* CYASSL_CERT_GEN */ - - FreeRsaKey(&key); -#ifdef HAVE_CAVIUM - RsaFreeCavium(&key); -#endif - free(tmp); - - return 0; -} - -#endif - - -#ifndef NO_DH - -#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - #ifdef FREESCALE_MQX - static const char* dhKey = "a:\certs\\dh2048.der"; - #else - static const char* dhKey = "./certs/dh2048.der"; - #endif -#endif - -int dh_test(void) -{ - int ret; - word32 bytes; - word32 idx = 0, privSz, pubSz, privSz2, pubSz2, agreeSz, agreeSz2; - byte tmp[1024]; - byte priv[256]; - byte pub[256]; - byte priv2[256]; - byte pub2[256]; - byte agree[256]; - byte agree2[256]; - DhKey key; - DhKey key2; - RNG rng; - - -#ifdef USE_CERT_BUFFERS_1024 - XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024); - bytes = sizeof_dh_key_der_1024; -#elif defined(USE_CERT_BUFFERS_2048) - XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048); - bytes = sizeof_dh_key_der_2048; -#else - FILE* file = fopen(dhKey, "rb"); - - if (!file) - return -50; - - bytes = (word32) fread(tmp, 1, sizeof(tmp), file); - fclose(file); -#endif /* USE_CERT_BUFFERS */ - - InitDhKey(&key); - InitDhKey(&key2); - ret = DhKeyDecode(tmp, &idx, &key, bytes); - if (ret != 0) - return -51; - - idx = 0; - ret = DhKeyDecode(tmp, &idx, &key2, bytes); - if (ret != 0) - return -52; - - ret = InitRng(&rng); - if (ret != 0) - return -53; - - ret = DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz); - ret += DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2); - if (ret != 0) - return -54; - - ret = DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2); - ret += DhAgree(&key2, agree2, &agreeSz2, priv2, privSz2, pub, pubSz); - if (ret != 0) - return -55; - - if (memcmp(agree, agree2, agreeSz)) - return -56; - - FreeDhKey(&key); - FreeDhKey(&key2); - - return 0; -} - -#endif /* NO_DH */ - - -#ifndef NO_DSA - -#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) - #ifdef FREESCALE_MQX - static const char* dsaKey = "a:\\certs\\dsa2048.der"; - #else - static const char* dsaKey = "./certs/dsa2048.der"; - #endif -#endif - -int dsa_test(void) -{ - int ret, answer; - word32 bytes; - word32 idx = 0; - byte tmp[1024]; - DsaKey key; - RNG rng; - Sha sha; - byte hash[SHA_DIGEST_SIZE]; - byte signature[40]; - - -#ifdef USE_CERT_BUFFERS_1024 - XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); - bytes = sizeof_dsa_key_der_1024; -#elif defined(USE_CERT_BUFFERS_2048) - XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048); - bytes = sizeof_dsa_key_der_2048; -#else - FILE* file = fopen(dsaKey, "rb"); - - if (!file) - return -60; - - bytes = (word32) fread(tmp, 1, sizeof(tmp), file); - fclose(file); -#endif /* USE_CERT_BUFFERS */ - - ret = InitSha(&sha); - if (ret != 0) - return -4002; - ShaUpdate(&sha, tmp, bytes); - ShaFinal(&sha, hash); - - InitDsaKey(&key); - ret = DsaPrivateKeyDecode(tmp, &idx, &key, bytes); - if (ret != 0) return -61; - - ret = InitRng(&rng); - if (ret != 0) return -62; - - ret = DsaSign(hash, signature, &key, &rng); - if (ret != 0) return -63; - - ret = DsaVerify(hash, signature, &key, &answer); - if (ret != 0) return -64; - if (answer != 1) return -65; - - FreeDsaKey(&key); - - return 0; -} - -#endif /* NO_DSA */ - - -#ifdef OPENSSL_EXTRA - -int openssl_test(void) -{ - EVP_MD_CTX md_ctx; - testVector a, b, c, d, e, f; - byte hash[SHA_DIGEST_SIZE*4]; /* max size */ - - (void)e; - (void)f; - - a.input = "1234567890123456789012345678901234567890123456789012345678" - "9012345678901234567890"; - a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" - "\x7a"; - a.inLen = strlen(a.input); - a.outLen = MD5_DIGEST_SIZE; - - EVP_MD_CTX_init(&md_ctx); - EVP_DigestInit(&md_ctx, EVP_md5()); - - EVP_DigestUpdate(&md_ctx, a.input, a.inLen); - EVP_DigestFinal(&md_ctx, hash, 0); - - if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0) - return -71; - - b.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - "aaaaaaaaaa"; - b.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7" - "\x53\x99\x5E\x26\xA0"; - b.inLen = strlen(b.input); - b.outLen = SHA_DIGEST_SIZE; - - EVP_MD_CTX_init(&md_ctx); - EVP_DigestInit(&md_ctx, EVP_sha1()); - - EVP_DigestUpdate(&md_ctx, b.input, b.inLen); - EVP_DigestFinal(&md_ctx, hash, 0); - - if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0) - return -72; - - - d.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; - d.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" - "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" - "\x06\xC1"; - d.inLen = strlen(d.input); - d.outLen = SHA256_DIGEST_SIZE; - - EVP_MD_CTX_init(&md_ctx); - EVP_DigestInit(&md_ctx, EVP_sha256()); - - EVP_DigestUpdate(&md_ctx, d.input, d.inLen); - EVP_DigestFinal(&md_ctx, hash, 0); - - if (memcmp(hash, d.output, SHA256_DIGEST_SIZE) != 0) - return -78; - -#ifdef CYASSL_SHA384 - - e.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" - "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; - e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" - "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" - "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" - "\x74\x60\x39"; - e.inLen = strlen(e.input); - e.outLen = SHA384_DIGEST_SIZE; - - EVP_MD_CTX_init(&md_ctx); - EVP_DigestInit(&md_ctx, EVP_sha384()); - - EVP_DigestUpdate(&md_ctx, e.input, e.inLen); - EVP_DigestFinal(&md_ctx, hash, 0); - - if (memcmp(hash, e.output, SHA384_DIGEST_SIZE) != 0) - return -79; - -#endif /* CYASSL_SHA384 */ - - -#ifdef CYASSL_SHA512 - - f.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" - "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; - f.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14" - "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" - "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" - "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" - "\x87\x4b\xe9\x09"; - f.inLen = strlen(f.input); - f.outLen = SHA512_DIGEST_SIZE; - - EVP_MD_CTX_init(&md_ctx); - EVP_DigestInit(&md_ctx, EVP_sha512()); - - EVP_DigestUpdate(&md_ctx, f.input, f.inLen); - EVP_DigestFinal(&md_ctx, hash, 0); - - if (memcmp(hash, f.output, SHA512_DIGEST_SIZE) != 0) - return -80; - -#endif /* CYASSL_SHA512 */ - - - if (RAND_bytes(hash, sizeof(hash)) != 1) - return -73; - - c.input = "what do ya want for nothing?"; - c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" - "\x38"; - c.inLen = strlen(c.input); - c.outLen = MD5_DIGEST_SIZE; - - HMAC(EVP_md5(), "Jefe", 4, (byte*)c.input, (int)c.inLen, hash, 0); - - if (memcmp(hash, c.output, MD5_DIGEST_SIZE) != 0) - return -74; - - { /* des test */ - const byte vector[] = { /* "now is the time for all " w/o trailing 0 */ - 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, - 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, - 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 - }; - - byte plain[24]; - byte cipher[24]; - - const_DES_cblock key = - { - 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef - }; - - DES_cblock iv = - { - 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef - }; - - DES_key_schedule sched; - - const byte verify[] = - { - 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, - 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, - 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b - }; - - DES_key_sched(&key, &sched); - - DES_cbc_encrypt(vector, cipher, sizeof(vector), &sched, &iv, DES_ENCRYPT); - DES_cbc_encrypt(cipher, plain, sizeof(vector), &sched, &iv, DES_DECRYPT); - - if (memcmp(plain, vector, sizeof(vector)) != 0) - return -75; - - if (memcmp(cipher, verify, sizeof(verify)) != 0) - return -76; - - /* test changing iv */ - DES_ncbc_encrypt(vector, cipher, 8, &sched, &iv, DES_ENCRYPT); - DES_ncbc_encrypt(vector + 8, cipher + 8, 16, &sched, &iv, DES_ENCRYPT); - - if (memcmp(cipher, verify, sizeof(verify)) != 0) - return -77; - - } /* end des test */ - - { /* evp_cipher test */ - EVP_CIPHER_CTX ctx; - - - const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ - 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, - 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, - 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 - }; - - const byte verify[] = - { - 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, - 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb - }; - - byte key[] = "0123456789abcdef "; /* align */ - byte iv[] = "1234567890abcdef "; /* align */ - - byte cipher[AES_BLOCK_SIZE * 4]; - byte plain [AES_BLOCK_SIZE * 4]; - - EVP_CIPHER_CTX_init(&ctx); - if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0) - return -81; - - if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0) - return -82; - - if (memcmp(cipher, verify, AES_BLOCK_SIZE)) - return -83; - - EVP_CIPHER_CTX_init(&ctx); - if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0) - return -84; - - if (EVP_Cipher(&ctx, plain, cipher, 16) == 0) - return -85; - - if (memcmp(plain, msg, AES_BLOCK_SIZE)) - return -86; - - - } /* end evp_cipher test */ - - return 0; -} - -#endif /* OPENSSL_EXTRA */ - - -#ifndef NO_PWDBASED - -int pkcs12_test(void) -{ - const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67, - 0x00, 0x00 }; - const byte salt[] = { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f }; - - const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65, - 0x00, 0x67, 0x00, 0x00 }; - const byte salt2[] = { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 }; - byte derived[64]; - - const byte verify[] = { - 0x8A, 0xAA, 0xE6, 0x29, 0x7B, 0x6C, 0xB0, 0x46, - 0x42, 0xAB, 0x5B, 0x07, 0x78, 0x51, 0x28, 0x4E, - 0xB7, 0x12, 0x8F, 0x1A, 0x2A, 0x7F, 0xBC, 0xA3 - }; - - const byte verify2[] = { - 0x48, 0x3D, 0xD6, 0xE9, 0x19, 0xD7, 0xDE, 0x2E, - 0x8E, 0x64, 0x8B, 0xA8, 0xF8, 0x62, 0xF3, 0xFB, - 0xFB, 0xDC, 0x2B, 0xCB, 0x2C, 0x02, 0x95, 0x7F - }; - - int id = 1; - int kLen = 24; - int iterations = 1; - int ret = PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, iterations, - kLen, SHA, id); - - if (ret < 0) - return -103; - - if ( (ret = memcmp(derived, verify, kLen)) != 0) - return -104; - - iterations = 1000; - ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations, - kLen, SHA, id); - if (ret < 0) - return -105; - - if ( (ret = memcmp(derived, verify2, 24)) != 0) - return -106; - - return 0; -} - - -int pbkdf2_test(void) -{ - char passwd[] = "password"; - const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 }; - int iterations = 2048; - int kLen = 24; - byte derived[64]; - - const byte verify[] = { - 0xBF, 0xDE, 0x6B, 0xE9, 0x4D, 0xF7, 0xE1, 0x1D, 0xD4, 0x09, 0xBC, 0xE2, - 0x0A, 0x02, 0x55, 0xEC, 0x32, 0x7C, 0xB9, 0x36, 0xFF, 0xE9, 0x36, 0x43 - - }; - - int ret = PBKDF2(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, - iterations, kLen, SHA); - if (ret != 0) - return ret; - - if (memcmp(derived, verify, sizeof(verify)) != 0) - return -102; - - return 0; -} - - -int pbkdf1_test(void) -{ - char passwd[] = "password"; - const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 }; - int iterations = 1000; - int kLen = 16; - byte derived[16]; - - const byte verify[] = { - 0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F, 0xAF, 0x10, 0xEB, 0xFB, - 0x4A, 0x3D, 0x2A, 0x20 - }; - - PBKDF1(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, iterations, - kLen, SHA); - - if (memcmp(derived, verify, sizeof(verify)) != 0) - return -101; - - return 0; -} - - -int pwdbased_test(void) -{ - int ret = pbkdf1_test(); - ret += pbkdf2_test(); - - return ret + pkcs12_test(); -} - -#endif /* NO_PWDBASED */ - -#if defined(HAVE_HKDF) && (!defined(NO_SHA) || !defined(NO_SHA256)) - -int hkdf_test(void) -{ - int ret; - int L = 42; - byte okm1[42]; - byte ikm1[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, - 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; - byte salt1[13] ={ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c }; - byte info1[10] ={ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, - 0xf8, 0xf9 }; - byte res1[42] = { 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61, - 0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06, - 0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06, - 0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0, - 0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3, - 0x49, 0x18 }; - byte res2[42] = { 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69, - 0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81, - 0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15, - 0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2, - 0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3, - 0xf8, 0x96 }; - byte res3[42] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f, - 0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31, - 0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e, - 0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d, - 0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a, - 0x96, 0xc8 }; - byte res4[42] = { 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, - 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a, - 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c, - 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, - 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18, - 0x58, 0x65 }; - - (void)res1; - (void)res2; - (void)res3; - (void)res4; - -#ifndef NO_SHA - ret = HKDF(SHA, ikm1, 22, NULL, 0, NULL, 0, okm1, L); - if (ret != 0) - return -2001; - - if (memcmp(okm1, res1, L) != 0) - return -2002; - - ret = HKDF(SHA, ikm1, 11, salt1, 13, info1, 10, okm1, L); - if (ret != 0) - return -2003; - - if (memcmp(okm1, res2, L) != 0) - return -2004; -#endif /* NO_SHA */ - -#ifndef NO_SHA256 - ret = HKDF(SHA256, ikm1, 22, NULL, 0, NULL, 0, okm1, L); - if (ret != 0) - return -2005; - - if (memcmp(okm1, res3, L) != 0) - return -2006; - - ret = HKDF(SHA256, ikm1, 22, salt1, 13, info1, 10, okm1, L); - if (ret != 0) - return -2007; - - if (memcmp(okm1, res4, L) != 0) - return -2007; -#endif /* NO_SHA256 */ - - return 0; -} - -#endif /* HAVE_HKDF */ - - -#ifdef HAVE_ECC - -int ecc_test(void) -{ - RNG rng; - byte sharedA[1024]; - byte sharedB[1024]; - byte sig[1024]; - byte digest[20]; - byte exportBuf[1024]; - word32 x, y; - int i, verify, ret; - ecc_key userA, userB, pubKey; - - ret = InitRng(&rng); - if (ret != 0) - return -1001; - - ecc_init(&userA); - ecc_init(&userB); - ecc_init(&pubKey); - - ret = ecc_make_key(&rng, 32, &userA); - - if (ret != 0) - return -1014; - - ret = ecc_make_key(&rng, 32, &userB); - - if (ret != 0) - return -1002; - - x = sizeof(sharedA); - ret = ecc_shared_secret(&userA, &userB, sharedA, &x); - - if (ret != 0) - return -1015; - - y = sizeof(sharedB); - ret = ecc_shared_secret(&userB, &userA, sharedB, &y); - - if (ret != 0) - return -1003; - - if (y != x) - return -1004; - - if (memcmp(sharedA, sharedB, x)) - return -1005; - - x = sizeof(exportBuf); - ret = ecc_export_x963(&userA, exportBuf, &x); - if (ret != 0) - return -1006; - - ret = ecc_import_x963(exportBuf, x, &pubKey); - - if (ret != 0) - return -1007; - - y = sizeof(sharedB); - ret = ecc_shared_secret(&userB, &pubKey, sharedB, &y); - - if (ret != 0) - return -1008; - - if (memcmp(sharedA, sharedB, y)) - return -1010; - - /* test DSA sign hash */ - for (i = 0; i < (int)sizeof(digest); i++) - digest[i] = (byte)i; - - x = sizeof(sig); - ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA); - - if (ret != 0) - return -1016; - - verify = 0; - ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA); - - if (ret != 0) - return -1011; - - if (verify != 1) - return -1012; - - x = sizeof(exportBuf); - ret = ecc_export_private_only(&userA, exportBuf, &x); - if (ret != 0) - return -1013; - - ecc_free(&pubKey); - ecc_free(&userB); - ecc_free(&userA); - - return 0; -} - -#ifdef HAVE_ECC_ENCRYPT - -int ecc_encrypt_test(void) -{ - RNG rng; - int ret; - ecc_key userA, userB; - byte msg[48]; - byte plain[48]; - byte out[80]; - word32 outSz = sizeof(out); - word32 plainSz = sizeof(plain); - int i; - - ret = InitRng(&rng); - if (ret != 0) - return -3001; - - ecc_init(&userA); - ecc_init(&userB); - - ret = ecc_make_key(&rng, 32, &userA); - ret += ecc_make_key(&rng, 32, &userB); - - if (ret != 0) - return -3002; - - for (i = 0; i < 48; i++) - msg[i] = i; - - /* encrypt msg to B */ - ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL); - if (ret != 0) - return -3003; - - /* decrypt msg from A */ - ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL); - if (ret != 0) - return -3004; - - if (memcmp(plain, msg, sizeof(msg)) != 0) - return -3005; - - - { /* let's verify message exchange works, A is client, B is server */ - ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng); - ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng); - - byte cliSalt[EXCHANGE_SALT_SZ]; - byte srvSalt[EXCHANGE_SALT_SZ]; - const byte* tmpSalt; - - if (cliCtx == NULL || srvCtx == NULL) - return -3006; - - /* get salt to send to peer */ - tmpSalt = ecc_ctx_get_own_salt(cliCtx); - if (tmpSalt == NULL) - return -3007; - memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ); - - tmpSalt = ecc_ctx_get_own_salt(srvCtx); - if (tmpSalt == NULL) - return -3007; - memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ); - - /* in actual use, we'd get the peer's salt over the transport */ - ret = ecc_ctx_set_peer_salt(cliCtx, srvSalt); - ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt); - - if (ret != 0) - return -3008; - - /* get encrypted msg (request) to send to B */ - outSz = sizeof(out); - ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx); - if (ret != 0) - return -3009; - - /* B decrypts msg (request) from A */ - plainSz = sizeof(plain); - ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx); - if (ret != 0) - return -3010; - - if (memcmp(plain, msg, sizeof(msg)) != 0) - return -3011; - - { - /* msg2 (response) from B to A */ - byte msg2[48]; - byte plain2[48]; - byte out2[80]; - word32 outSz2 = sizeof(out2); - word32 plainSz2 = sizeof(plain2); - - for (i = 0; i < 48; i++) - msg2[i] = i+48; - - /* get encrypted msg (response) to send to B */ - ret = ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2, - &outSz2, srvCtx); - if (ret != 0) - return -3012; - - /* A decrypts msg (response) from B */ - ret = ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2, - cliCtx); - if (ret != 0) - return -3013; - - if (memcmp(plain2, msg2, sizeof(msg2)) != 0) - return -3014; - } - - /* cleanup */ - ecc_ctx_free(srvCtx); - ecc_ctx_free(cliCtx); - } - - /* cleanup */ - ecc_free(&userB); - ecc_free(&userA); - - return 0; -} - -#endif /* HAVE_ECC_ENCRYPT */ -#endif /* HAVE_ECC */ - -#ifdef HAVE_LIBZ - -const byte sample_text[] = - "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n" - "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n" - "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n" - "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n" - "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n" - "small batch meggings kogi dolore food truck bespoke gastropub.\n" - "\n" - "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n" - "four loko you probably haven't heard of them high life. Messenger bag\n" - "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n" - "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n" - "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n" - "food truck next level, tousled irony non semiotics PBR ethical anim cred\n" - "readymade. Mumblecore brunch lomo odd future, portland organic terry\n" - "richardson elit leggings adipisicing ennui raw denim banjo hella. Godard\n" - "mixtape polaroid, pork belly readymade organic cray typewriter helvetica\n" - "four loko whatever street art yr farm-to-table.\n" - "\n" - "Vinyl keytar vice tofu. Locavore you probably haven't heard of them pug\n" - "pickled, hella tonx labore truffaut DIY mlkshk elit cosby sweater sint\n" - "et mumblecore. Elit swag semiotics, reprehenderit DIY sartorial nisi ugh\n" - "nesciunt pug pork belly wayfarers selfies delectus. Ethical hoodie\n" - "seitan fingerstache kale chips. Terry richardson artisan williamsburg,\n" - "eiusmod fanny pack irony tonx ennui lo-fi incididunt tofu YOLO\n" - "readymade. 8-bit sed ethnic beard officia. Pour-over iphone DIY butcher,\n" - "ethnic art party qui letterpress nisi proident jean shorts mlkshk\n" - "locavore.\n" - "\n" - "Narwhal flexitarian letterpress, do gluten-free voluptate next level\n" - "banh mi tonx incididunt carles DIY. Odd future nulla 8-bit beard ut\n" - "cillum pickled velit, YOLO officia you probably haven't heard of them\n" - "trust fund gastropub. Nisi adipisicing tattooed, Austin mlkshk 90's\n" - "small batch american apparel. Put a bird on it cosby sweater before they\n" - "sold out pork belly kogi hella. Street art mollit sustainable polaroid,\n" - "DIY ethnic ea pug beard dreamcatcher cosby sweater magna scenester nisi.\n" - "Sed pork belly skateboard mollit, labore proident eiusmod. Sriracha\n" - "excepteur cosby sweater, anim deserunt laborum eu aliquip ethical et\n" - "neutra PBR selvage.\n" - "\n" - "Raw denim pork belly truffaut, irony plaid sustainable put a bird on it\n" - "next level jean shorts exercitation. Hashtag keytar whatever, nihil\n" - "authentic aliquip disrupt laborum. Tattooed selfies deserunt trust fund\n" - "wayfarers. 3 wolf moon synth church-key sartorial, gastropub leggings\n" - "tattooed. Labore high life commodo, meggings raw denim fingerstache pug\n" - "trust fund leggings seitan forage. Nostrud ullamco duis, reprehenderit\n" - "incididunt flannel sustainable helvetica pork belly pug banksy you\n" - "probably haven't heard of them nesciunt farm-to-table. Disrupt nostrud\n" - "mollit magna, sriracha sartorial helvetica.\n" - "\n" - "Nulla kogi reprehenderit, skateboard sustainable duis adipisicing viral\n" - "ad fanny pack salvia. Fanny pack trust fund you probably haven't heard\n" - "of them YOLO vice nihil. Keffiyeh cray lo-fi pinterest cardigan aliqua,\n" - "reprehenderit aute. Culpa tousled williamsburg, marfa lomo actually anim\n" - "skateboard. Iphone aliqua ugh, semiotics pariatur vero readymade\n" - "organic. Marfa squid nulla, in laborum disrupt laboris irure gastropub.\n" - "Veniam sunt food truck leggings, sint vinyl fap.\n" - "\n" - "Hella dolore pork belly, truffaut carles you probably haven't heard of\n" - "them PBR helvetica in sapiente. Fashion axe ugh bushwick american\n" - "apparel. Fingerstache sed iphone, jean shorts blue bottle nisi bushwick\n" - "flexitarian officia veniam plaid bespoke fap YOLO lo-fi. Blog\n" - "letterpress mumblecore, food truck id cray brooklyn cillum ad sed.\n" - "Assumenda chambray wayfarers vinyl mixtape sustainable. VHS vinyl\n" - "delectus, culpa williamsburg polaroid cliche swag church-key synth kogi\n" - "magna pop-up literally. Swag thundercats ennui shoreditch vegan\n" - "pitchfork neutra truffaut etsy, sed single-origin coffee craft beer.\n" - "\n" - "Odio letterpress brooklyn elit. Nulla single-origin coffee in occaecat\n" - "meggings. Irony meggings 8-bit, chillwave lo-fi adipisicing cred\n" - "dreamcatcher veniam. Put a bird on it irony umami, trust fund bushwick\n" - "locavore kale chips. Sriracha swag thundercats, chillwave disrupt\n" - "tousled beard mollit mustache leggings portland next level. Nihil esse\n" - "est, skateboard art party etsy thundercats sed dreamcatcher ut iphone\n" - "swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n" - "bag dolor terry richardson sapiente.\n"; - - -int compress_test(void) -{ - int ret = 0; - word32 dSz = sizeof(sample_text); - word32 cSz = (dSz + (word32)(dSz * 0.001) + 12); - byte *c = NULL; - byte *d = NULL; - - c = calloc(cSz, sizeof(byte)); - d = calloc(dSz, sizeof(byte)); - - if (c == NULL || d == NULL) - ret = -300; - - if (ret == 0 && (ret = Compress(c, cSz, sample_text, dSz, 0)) < 0) - ret = -301; - - if (ret > 0) { - cSz = (word32)ret; - ret = 0; - } - - if (ret == 0 && DeCompress(d, dSz, c, cSz) != (int)dSz) - ret = -302; - - if (ret == 0 && memcmp(d, sample_text, dSz)) - ret = -303; - - if (c) free(c); - if (d) free(d); - - return ret; -} - -#endif /* HAVE_LIBZ */ - -#ifdef HAVE_PKCS7 - -int pkcs7enveloped_test(void) -{ - int ret = 0; - - int cipher = DES3b; - int envelopedSz, decodedSz; - PKCS7 pkcs7; - byte* cert; - byte* privKey; - byte enveloped[2048]; - byte decoded[2048]; - - size_t certSz; - size_t privKeySz; - FILE* certFile; - FILE* keyFile; - FILE* pkcs7File; - const char* pkcs7OutFile = "pkcs7envelopedData.der"; - - const byte data[] = { /* Hello World */ - 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, - 0x72,0x6c,0x64 - }; - - /* read client cert and key in DER format */ - cert = (byte*)malloc(FOURK_BUF); - if (cert == NULL) - return -201; - - privKey = (byte*)malloc(FOURK_BUF); - if (privKey == NULL) { - free(cert); - return -202; - } - - certFile = fopen(clientCert, "rb"); - if (!certFile) { - free(cert); - free(privKey); - err_sys("can't open ./certs/client-cert.der, " - "Please run from CyaSSL home dir", -42); - } - - certSz = fread(cert, 1, FOURK_BUF, certFile); - fclose(certFile); - - keyFile = fopen(clientKey, "rb"); - if (!keyFile) { - free(cert); - free(privKey); - err_sys("can't open ./certs/client-key.der, " - "Please run from CyaSSL home dir", -43); - } - - privKeySz = fread(privKey, 1, FOURK_BUF, keyFile); - fclose(keyFile); - - PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz); - pkcs7.content = (byte*)data; - pkcs7.contentSz = (word32)sizeof(data); - pkcs7.contentOID = DATA; - pkcs7.encryptOID = cipher; - pkcs7.privateKey = privKey; - pkcs7.privateKeySz = (word32)privKeySz; - - /* encode envelopedData */ - envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped, - sizeof(enveloped)); - if (envelopedSz <= 0) { - free(cert); - free(privKey); - return -203; - } - - /* decode envelopedData */ - decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz, - decoded, sizeof(decoded)); - if (decodedSz <= 0) { - free(cert); - free(privKey); - return -204; - } - - /* test decode result */ - if (memcmp(decoded, data, sizeof(data)) != 0) { - free(cert); - free(privKey); - return -205; - } - - /* output pkcs7 envelopedData for external testing */ - pkcs7File = fopen(pkcs7OutFile, "wb"); - if (!pkcs7File) { - free(cert); - free(privKey); - return -206; - } - - ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File); - fclose(pkcs7File); - - free(cert); - free(privKey); - PKCS7_Free(&pkcs7); - - if (ret > 0) - return 0; - - return ret; -} - -int pkcs7signed_test(void) -{ - int ret = 0; - - FILE* file; - byte* certDer; - byte* keyDer; - byte* out; - char data[] = "Hello World"; - word32 dataSz, outSz, certDerSz, keyDerSz; - PKCS7 msg; - RNG rng; - - byte transIdOid[] = - { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, - 0x09, 0x07 }; - byte messageTypeOid[] = - { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, - 0x09, 0x02 }; - byte senderNonceOid[] = - { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, - 0x09, 0x05 }; - byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1]; - byte messageType[] = { 0x13, 2, '1', '9' }; - byte senderNonce[PKCS7_NONCE_SZ + 2]; - - PKCS7Attrib attribs[] = - { - { transIdOid, sizeof(transIdOid), - transId, sizeof(transId) - 1 }, /* take off the null */ - { messageTypeOid, sizeof(messageTypeOid), - messageType, sizeof(messageType) }, - { senderNonceOid, sizeof(senderNonceOid), - senderNonce, sizeof(senderNonce) } - }; - - dataSz = (word32) strlen(data); - outSz = FOURK_BUF; - - certDer = (byte*)malloc(FOURK_BUF); - if (certDer == NULL) - return -207; - keyDer = (byte*)malloc(FOURK_BUF); - if (keyDer == NULL) { - free(certDer); - return -208; - } - out = (byte*)malloc(FOURK_BUF); - if (out == NULL) { - free(certDer); - free(keyDer); - return -209; - } - - /* read in DER cert of recipient, into cert of size certSz */ - file = fopen(clientCert, "rb"); - if (!file) { - free(certDer); - free(keyDer); - free(out); - err_sys("can't open ./certs/client-cert.der, " - "Please run from CyaSSL home dir", -44); - } - certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file); - fclose(file); - - file = fopen(clientKey, "rb"); - if (!file) { - free(certDer); - free(keyDer); - free(out); - err_sys("can't open ./certs/client-key.der, " - "Please run from CyaSSL home dir", -45); - } - keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file); - fclose(file); - - ret = InitRng(&rng); - if (ret != 0) { - free(certDer); - free(keyDer); - free(out); - return -210; - } - - senderNonce[0] = 0x04; - senderNonce[1] = PKCS7_NONCE_SZ; - - ret = RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ); - if (ret != 0) { - free(certDer); - free(keyDer); - free(out); - return -211; - } - - PKCS7_InitWithCert(&msg, certDer, certDerSz); - msg.privateKey = keyDer; - msg.privateKeySz = keyDerSz; - msg.content = (byte*)data; - msg.contentSz = dataSz; - msg.hashOID = SHAh; - msg.encryptOID = RSAk; - msg.signedAttribs = attribs; - msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib); - msg.rng = &rng; - { - Sha sha; - byte digest[SHA_DIGEST_SIZE]; - int i,j; - - transId[0] = 0x13; - transId[1] = SHA_DIGEST_SIZE * 2; - - ret = InitSha(&sha); - if (ret != 0) { - free(certDer); - free(keyDer); - free(out); - return -4003; - } - ShaUpdate(&sha, msg.publicKey, msg.publicKeySz); - ShaFinal(&sha, digest); - - for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) { - snprintf((char*)&transId[j], 3, "%02x", digest[i]); - } - } - ret = PKCS7_EncodeSignedData(&msg, out, outSz); - if (ret < 0) { - free(certDer); - free(keyDer); - free(out); - PKCS7_Free(&msg); - return -212; - } - else - outSz = ret; - - /* write PKCS#7 to output file for more testing */ - file = fopen("./pkcs7signedData.der", "wb"); - if (!file) { - free(certDer); - free(keyDer); - free(out); - PKCS7_Free(&msg); - return -213; - } - ret = (int)fwrite(out, 1, outSz, file); - fclose(file); - if (ret != (int)outSz) { - free(certDer); - free(keyDer); - free(out); - PKCS7_Free(&msg); - return -218; - } - - PKCS7_Free(&msg); - PKCS7_InitWithCert(&msg, NULL, 0); - - ret = PKCS7_VerifySignedData(&msg, out, outSz); - if (ret < 0) { - free(certDer); - free(keyDer); - free(out); - PKCS7_Free(&msg); - return -214; - } - - if (msg.singleCert == NULL || msg.singleCertSz == 0) { - free(certDer); - free(keyDer); - free(out); - PKCS7_Free(&msg); - return -215; - } - - file = fopen("./pkcs7cert.der", "wb"); - if (!file) { - free(certDer); - free(keyDer); - free(out); - PKCS7_Free(&msg); - return -216; - } - ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file); - fclose(file); - - free(certDer); - free(keyDer); - free(out); - PKCS7_Free(&msg); - - if (ret > 0) - return 0; - - return ret; -} - -#endif /* HAVE_PKCS7 */ - -#endif /* NO_CRYPT_TEST */ |